Risk Mitigation
Risk mitigation is the practice of eliminating a risk, or significantly reducing the level of risk presented. Examples of risk mitigation can be seen in everyday life and are readily apparent in the information technology world. Risk mitigation involves applying appropriate controls to reduce risk. For example, to lessen …
Category Archive: Security
Mar 02
Time to crack passwords
The table below shows estimated times to crack passwords based on passphrase length and complexity. Of course, the actual time may differ depending on a number of factors, such as: using dictionary words in passwords, which may allow an almost instant crack (for example if "rainbow tables" are being used); the hardware used (CPU/GPU power, RAM etc.); the application used to crack …
Mar 25
Cyber Security Terminology
A Access Definition: The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions. From: CNSSI 4009 Access and identity management Definition: The methods and processes used to …
Nov 17
CyberArk product overview
The CyberArk Privileged Account Security Solution is designed to discover, secure, rotate and control access to privileged account passwords used to access systems throughout the enterprise IT environment. ENTERPRISE PASSWORD VAULT Secure, rotate and control access to passwords, SSH keys, and privileged credentials based on policy to prevent attacks and meet audit and compliance requirements. PRIVILEGED …
Oct 15
IPMI Security Best Practices
Aug 25
POODLE attack
A POODLE attack is an exploit that takes advantage of the way some browsers deal with encryption. POODLE (Padding Oracle On Downgraded Legacy Encryption) is the name of the vulnerability that enables the exploit. POODLE can be used to target browser-based communication that relies on the Secure Sockets Layer (SSL) 3.0 protocol for encryption and …
Aug 21
PCI DSS vulnerability for SSL negotiation on Brocade ADX
Hardware application accelerators, also called load balancers, are commonly used for SSL offload as they provide hardware acceleration for SSL processing. Additionally, in many implementations they process Application Layer (ISO/OSI Layer 7) information, which requires access to cleartext data. In many cases device administrators configure SSL profiles with the "all-cipher-suites" command, which allows the ADX to negotiate …
Aug 21
How to deny access for servers in the same VLAN on Cisco switch
In this scenario we have two servers connected to the same VLAN, so typically they will be able to communicate directly without passing through the default gateway, where you could perform ACL filtering. To prevent network devices from communicating directly, use the command "switchport protected" under interface configuration. Configuration Example: enable configure terminal ! interface FastEthernet0/1 …
Aug 20
Google hacks
Google hacking is nothing more than using built-in search operators to query the search engine for specific output based on search criteria. Targeted search based on target type: INTITLE: INTEXT: INURL: FILETYPE: LINK: Funny bit: type the phrase "do a barrel roll" or "zerg rush" into Google and hit enter.
Aug 13
Security terminology
In this section you will find definitions of security terms typically used in security-related books, documentation, articles etc. As a security professional you should know and understand the meaning of these expressions and terms. Common terminology • Vulnerability – a weakness in security or in a system (insecure communication, poor passwords, improper input handling) • Exploit – mechanism …