Category Archive: Security

Mar 02

Time to crack passwords

Below table represents estimated time to crack passwords based on passphrase lenght and complexity.   Of course time may differ depending on number of factors like: Using dictionary words in passwords may allow almost instant crack ( for example if “rainbow tables” are beign used) Hardwa used (CPU/GPU power, RAM etc.) Application used to crack …

Continue reading »

Mar 25

Cyber Security Terminology

  A Access Definition: The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions. From: CNSSI 4009   Access and identity management Definition: The methods and processes used to …

Continue reading »

Nov 17

CyberArk product overview

cyberark 1

CyberArk Privileged Account Security Solution, is designed to discover, secure, rotate and control access to privileged account passwords used to access systems throughout the enterprise IT environment. ENTERPRISE PASSWORD VAULT Secure, rotate and control access to passwords, SSH keys, and privileged credentials based on policy to prevent attacks and meet audit and compliance requirements. PRIVILEGED …

Continue reading »

Oct 15

IPMI Security Best Practices

IPMI-Block-Diagram

Great document created by Dan Farmer regarding IPMI security and best practices. Must do read for all Sys Admins and Security Engineers. IPMI Security Best Practices

Aug 25

POODLE attack

poodle attack

A POODLE attack is an exploit that takes advantage of the way some browsers deal with encryption. POODLE (Padding Oracle On Downgraded Legacy Encryption) is the name of the vulnerability that enables the exploit. POODLE can be used to target browser-based communication that relies on the Secure Sockets Layer (SSL) 3.0 protocol for encryption and …

Continue reading »

Aug 21

PCI DSS vulnerability for SSL negotiation on Brocade ADX

Hardware application accelerators also called load balancers are commonly used for SSL offload as provide hardware acceleration for SSL processing. Additionally in many implementations process Application Layer (ISO/OSI Layer 7) information which require access to clear test data. In many cases device administrators configure SSL profiles to use “all-cipher-suites” command which allows ADX to negotiate …

Continue reading »

Aug 21

How to deny access for servers in the same VLAN on Cisco switch

In this scenario we have two servers connected on the same VLAN so typically they will be able to communicate directly and do not pass default gateway where you could perform ACL filtering. To disallow network devices from direct communication use command “switchport protected” under interface configuration. Configuration Example: enable configure terminal ! interface FastEthernet0/1 …

Continue reading »

Aug 20

Google hacks

Google hacking is nothing more than using built in ways to search or in fact query the search engine to provide specific output based on search criteria. Targeted search based on target type: INTITLE: INTEXT: INURL: FILETYPE: LINK: Funny bit: Type in Google phrase “do a barrel roll” or “zerg rush” and hit enter

Aug 13

Security terminology

In this section you will find definitions of security terms typically used in security related book, documentation, articles etc. As a security professional you should know and understand meaning of those expressions and terms. Common terminology • Vulnerability – weakness of security or system (insecure communication, poor passwords, improper input handling) • Exploit – mechanism …

Continue reading »

Aug 07

Splunk – search basics

splunk-logo

Splunk is powerful SIEM product widely in use by organizations and companies. Network/Security engineer can use it to search device logs using queries to filter interesting data. Here are some basic rules: If you are looking for specific string simply type a keyword in New Search field and press enter Wildcard is supported “*“ Search …

Continue reading »

Older posts «