Monthly Archive: August 2015

Aug 14

DNS explained

DNS (Domain Name System) allows us to use names instead of IP addresses, which is a more human-friendly way of naming network resources such as web sites. How does DNS resolve? Let’s imagine you want to open a web site called www.website.com, so you make a DNS request in the browser by typing www.website.com into the address bar. …

Aug 14

Cisco CSS – Source Group vs Destination Group

The Cisco CSS offers two address translation (NAT) methods: Source Group and Destination Group. Source Group: When a connection is initiated outbound through the Cisco CSS (from any of the group services), the source IP is translated to the group's VIP address. Source group servers are defined using the add service [service name] command. Example: When SERVER-A initiates …

Aug 13

SSL Offload on Cisco CSS

If you use a load balancer in your environment for web content load balancing, it is always recommended to offload SSL traffic before it gets to the web servers. Most application load balancers have hardware SSL modules to increase performance in comparison to the servers, which have to do it in software. Additionally, without decryption the load balancer will …

Aug 13

Security terminology

In this section you will find definitions of security terms typically used in security-related books, documentation, articles, etc. As a security professional you should know and understand the meaning of those expressions and terms.

Common terminology

• Vulnerability – weakness of security or system (insecure communication, poor passwords, improper input handling)
• Exploit – mechanism …

Aug 07

Splunk – search basics

Splunk is a powerful SIEM product widely used by organizations and companies. Network and security engineers can use it to search device logs, using queries to filter interesting data. Here are some basic rules: If you are looking for a specific string, simply type a keyword in the New Search field and press Enter. The wildcard “*” is supported. Search …

Aug 05

PCI DSS levels

PCI DSS as a security standard is split into four levels depending on merchant size in terms of the number of payment transactions. Level 4 is the least restrictive and level 1 the most, as specified below.

Aug 05

PCI DSS vs ISO 27001

PCI DSS and ISO 27001 are both security standards, but it’s important to understand the differences between them and how they apply to your organization. ISO 27001 is an international standard, with worldwide recognition, which lays down the requirements for the establishment of an information security management system. It applies to any type of organization, and …

Aug 05

SSH access via Python Script

Every network engineer who does some scripting will have to write a script to SSH to another host or device. Luckily there’s no need to write long and complex code to do it, as tools for this have already been created and tested and are widely used. The one I would like to introduce is PXSSH. Pxssh is based …

Aug 05

SSL Certificate Types

The Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the most widely deployed security protocols used today. Essentially, they provide a secure channel between two machines operating over the Internet or an internal network. In today’s Internet-focused world, the SSL protocol is typically used when a web browser …
