Security
Almost good news on the CVE front
17/04/25 10:28
Apparently the funding to Mitre that pays for maintaining the CVE (Common Vulnerabilities and Exposures) https://www.cve.org nearly ended.
The good news is that
Read More...
The good news is that
- it got a last minute 11 month extension; and,
- a group of concerned people on the board had a non-profit ready to go if it wasn''t funded
Read More...
Security messaging
11/10/22 13:06
Today my Synology Disk Station started telling me that it was blocking someone who was trying to brute force my admin account. It is not going to work. My admin account is disabled and has been since before the device was internet accessible, and probably will not be re-enabled unless it is needed by Synology support.
The problem is that the disk station is telling me it is being attacked and blocking it.
Do I want to know about an attack with no chance of success? and that the device knows has no chance of success at the moment.
Read More...
The problem is that the disk station is telling me it is being attacked and blocking it.
Do I want to know about an attack with no chance of success? and that the device knows has no chance of success at the moment.
Read More...
DIY CA to allow NRPE-NG to communicate without errors
05/12/19 13:10
Whilst playing with NRPE-NG we found that it complains if it does not have SSL Certificates signed by a Certificate Authority.
This article shows how to build a tiny CA specifically targeted at managing certificates in a testing network. Read More...
This article shows how to build a tiny CA specifically targeted at managing certificates in a testing network. Read More...
Why NAT is not a security mechanism
28/10/13 18:15
All too frequently I see articles that refer to Network Address Technology (NAT) as a security mechanism. Let us be clear NAT has nothing to do with strengthening security and an awful lot to do with weakening it. Read More...