Admin

Author's details

Date registered: 25th July 2015

Latest posts

  1. Information Security RISK response strategies — 2nd February 2021
  2. Time to crack passwords — 2nd March 2020
  3. Connection throttling iRule — 23rd February 2020
  4. IPSec VPN on Cisco ASA — 6th April 2019
  5. Palo Alto WildFire explained — 6th April 2019

Author's posts listings

Aug 13

Security terminology

In this section you will find definitions of security terms typically used in security-related books, documentation, articles, etc. As a security professional you should know and understand the meaning of those expressions and terms. Common terminology • Vulnerability – a weakness of a system or its security (insecure communication, poor passwords, improper input handling) • Exploit – mechanism …


Aug 07

Splunk – search basics


Splunk is a powerful SIEM product widely used by organizations and companies. A network/security engineer can use it to search device logs using queries that filter out the interesting data. Here are some basic rules: If you are looking for a specific string, simply type the keyword in the New Search field and press Enter. The wildcard "*" is supported. Search …


Aug 05

PCI DSS levels


PCI DSS as a security standard is split into four levels depending on merchant size in terms of the number of payment transactions. Level 4 is the least restrictive and Level 1 the most, as specified below.

Aug 05

PCI DSS vs ISO 27001


PCI DSS and ISO 27001 are both security standards, but it's important to understand the differences between them and how they apply to your organization. ISO 27001 is an international standard, with worldwide recognition, which lays down the requirements for the establishment of an information security management system. It applies to any type of organization, and …


Aug 05

SSH access via Python Script


Every network engineer who does some scripting will at some point have to write a script that SSHes to another host or device. Luckily there's no need to write long and complex code for it, as tools for this already exist that are tested and widely used. One I would like to introduce is pxssh. Pxssh is based …


Aug 05

SSL Certificate Types


Secure Sockets Layer (SSL) and its successor Transport Layer Security (TLS) are the most widely deployed security protocols in use today. Essentially, the protocol provides a secure channel between two machines communicating over the Internet or an internal network. In today's Internet-focused world, the SSL protocol is typically used when a web browser …


Jul 30

Palo Alto Firewall – Split-brain issue


A High Availability (HA) configuration is recommended to ensure availability of the network, and most companies and organizations use device pairs to achieve this goal. In some instances HA may cause unexpected issues even when the configuration and physical cabling are correct. One of the most common of these issues is called split-brain. Palo Alto Networks uses a private heartbeat …


Jul 30

Troubleshooting ISAKMP (IKE Phase 1) Negotiation on Cisco ASA

Troubleshooting VPN issues can be a time-consuming and frustrating task. In most cases the firewall will help us fix the issue, but we have to know how to read the messages it provides. We will look into the ISAKMP Phase 1 negotiation states and the possible reasons for problems establishing the association on a Cisco ASA firewall. In order …


Jul 29

Palo Alto Firewall SSL Decryption (Proxy) – Supported Cipher Suites


Palo Alto Networks devices decrypt and support the five cipher suites shown below:

  • RSA-AES256-CBC-SHA – Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
  • RSA-AES128-CBC-SHA – Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
  • RSA-3DES-EDE-CBC-SHA – Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
  • RSA-RC4-128-MD5 – Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
  • RSA-RC4-128-SHA – Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005)

Note: TLS 1.2 support has been added starting with PAN-OS 6.0, with the addition of the following …


Jul 29

SIEM overview


Security information and event management (SIEM) is a term for software products and services combining security information management (SIM) and security event management (SEM). SIEM technology provides real-time analysis of security alerts generated by network hardware and applications. SIEM components:

  1. Log and context data collection
  2. Normalization
  3. Correlation (SEM)
  4. Notification/Alerting (SEM)
  5. …
