IT Security

The 443 podcast... 'We all need USB condoms to protect us from Juice Jacking'

Deep Thoughts ... "Why Hack a company when you can impersonate a CEO/CFO of a company?"

Want to learn about IT security, There are a lot of resources on the Internet. Try the online Free Training at cybrary.it or reading articles on PacketU

Read about the latest vulnerabilities via the NIST National Security Database and search for specific vulnerabilities using the database at CVE.mitre.org

The United States Computer Emergency Readiness Team's i.e. US-CERT mission is the reduce the risk of systemic cyber-security and communications challenges in our role as the Nation’s flagship cyber defense, incident response, and operational integration center. Utilize US-CERT and the FBI if you ever need government assistance during a real network attack/threat.

Check out the Security Utilities on my Utilities Page

Perimeter security (Firewalls)

Cisco ASA Firewall's combined with Any-connect Secure Mobility Client protects your network and combined with Start Before Login (SBL) and Network Access Manager (NAM) helps protect your mobile assets.

-or-

pfSense is a GREAT open source firewall that can be ran as a virtual appliance, on a physical PC or even on small hardware such as netgate

-or-

Sophos UTM Home Edition is one I will be trying soon.

Podcasts to listen to: Darknet Diaries

Tripwire OpenSource Open Source Tripwire® is a security and data integrity tool for monitoring and alerting on file & directory changes. The open source project is based on code originally contributed by Tripwire, Inc. in 2000.

Web Security

OpenDNS provides security beyond the Firewall by protecting your assets before they are compromised. Now owned by Cisco, the free personal service blocks harmful content before leaving your home network and provides fully customized filtering and identity theft protection.

Need to analyze a file, URL, or a file hash, use Hybrid Analysis using the CrowdStrike Falcon Sandbox Technology

Backup

A Good Backup is an essential part of security. BackBlaze is a place to backup your data... home or small biz.

open source IDS/IPS/SEIM

https://suricata-ids.org/

https://www.splunk.com

https://www.alienvault.com/products/ossim

Email Security

You NEED to implement SPF, DKIM and DMARC - To test your domain security, use dmarcian. You can see my domain is well protected

  • To learn about and create your SPF record, use spfrecord.io

  • To learn about your DKIM DNS record creation, visit dmarcian

  • To get started with DMARC, again use dmarcian as a starting resource

Forensic Evidence