If you are running your own mail services, you might already have noticed, that there is a lot of SPAM originating (or actually faking) from @aol.com addresses.
What is the first thing you are thinking off, when it comes to disk encryption/pen drive encryption? Most people will most likely answer this question with “TrueCrypt”. TrueCrypt is a great product. It’s Open-Source and free. It has a great feature set, is well-known in the industry and is available on Linux, MacOS X and Windows.
This week was a hard week for security companies (and some others). Most of you might have read about the KDMS and their recent DNS-Hijacking attacks to Leaseweb, Avira, AVG, WhatsApp, Alexa and even Redtube. Today they also hijacked metasploit.com.
6 years ago I wrote this blog post about protecting your privacy by utilizing encryption technologies. Today this post is current more than ever. Is there really a reason to not encrypt your communication? I’d say: No!
In these days, I am thinking a lot about encryption and integrity of communication channels. Every mail I send, is automatically signed via my GPG key. I am doing this, not only to remind people of the fact, that GPG/PGP exists and that they should use it. I am primarily doing it for its main purpose, to give the recipients the possibility to verify the integrity of the mail and that it was really sent by myself. Today I thought… well, as I give the recipients of my mails this option, why shouldn’t I give this option also to the readers of my blog?
Today I learned again, that sometimes the devil is in the details. We are running OpenVPN since years. We are running it in a way, that we differ between “normal users” and “power users”. While normal users are restricted to perform only the least needed within the VPN, power users (like NetOps) are granted a couple of more things. We are using the “client-config-dir” option for this. Basically a power user will have a special config file in that client-config-dir that assigns the different options to the user, once he connects.
Last week I attended the (ISC)² Security Congress 2013 in Chicago, which took part as sub-congress with the ASIS 59th Annual Seminar and Exhibits. As I am planning to do my CISSP certification in December, we (my company and I) though, that this would be a good opportunity to get prepared and to get some more background on the certification. Also the presentations and sessions sounded actually pretty interessting- eventually they weren’t.
Yes, your eyes are not playing tricks on you… this is yet another blog. Some of you might know my old blog (which I decided to shut down in preference for this new one).
Da Solaris/SunOS ja per default kein “lsof” mitbringt, ich aber immer wieder mal rausfinden muss, welche Prozess auf einem bestimmten Port, hab’ ich schnell mal diesen Einzeiler zusammen gekleistert. Ist nicht gerade schnell und effizient- tut aber was ich benoetige… und schneller als “lsof” installieren ist es allemal.
for pid in $(ls /proc);
pfiles $pid | grep AF_INET | grep 2144 >/dev/null && \
echo "PID $pid is listening on port 2144";
Today I ran into an issue with one of my scripts which is generating a report and uploads it to the customer site via FTP. I lately added a SFTP features, as this was a requirement by one customer. To accomplish this, I used the Net::SFTP module which uses Net::SSH::Perl to connect to the SSH […]