General_Security Archive

I did some work recently assessing how Microsoft’s Hypervisor (Hyper-V) addresses (or doesn’t address) some common network security based threats in a multi-tenant public cloud environment. I then set out to test whether there are controls in place to mitigate those threats. I would have liked to compare different Hypervisors and their capabilities, but I have yet to do that comparison. If you’re interested in testing independently, there are several good tools out there including nmap, yersinia, hping and scapy. Those four tools will allow you to test every scenario in this document. Some detail on the test case is provided in each section. First, some basic definitions that I use in this post: TOR switch: Top of rack switch. Switch: Generally references the network […]


It is undeniable if you read the news these days – many enterprises are moving data center applications to the public cloud. In my experience, many security organizations aren’t prepared for the fundamental shift in security models that comes with the cloud. They may opt to build a WAN into the cloud provider to extend their existing and traditional security controls. They may opt for a premium cloud service provider that offers managed security services. Or, they may run software based network function virtualization such as Cisco’s Nexus 1000V. The reality is, with this movement comes a new paradigm in perimeter security. Major cloud providers leave network security to the Enterprise and don’t offer any more capability than security groups or SLB endpoints. A natural […]


In previous posts I’ve written about how to install Hadoop on Ubuntu in under 20 minutes, how to configure NetFlow export into Hadoop and how to add multiple nodes to your Hadoop cluster. In this post, I’ll outline how to start querying NetFlow data via Hive so it can be analyzed in Excel. The expectation is that you’ve followed the previous posts in this series so that your current Hadoop installation is in a predictable state. Here are the foundational things you need to know to accomplish this task: I highly suggest shutting down your NetFlow collector in advance. There are parts of this procedure that may be complicated by introducing new files while the metastore is in the middle of transition. Hive’s metadata store […]


Every article I could find on iPhone 4S 6.x jail-breaking referenced an iPhone that was not ‘disabled’ and still allowed a passcode to be entered. I was dealing with a disabled iPhone and none of the instructions like on this site apply to that scenario. It didn’t require much modification to the instructions, but I did get it to work with the steps below. Screen will say ‘iPhone is disabled’. Slide to unlock and the ‘emergency call screen will appear’ directly. Hold the Power button (on the top of the device) until the slide to turn off screen appears. Hit Cancel. The taskbar at the top of your iPhone should now be light blue. Dial 112 (an emergency number like 911), tap the green call […]


I have an in-home SmartCard setup using Gemalto ASP.net cards and HID OmniKey readers. The foundational infrastructure you need in your home to accomplish this is a Windows domain controller and Windows CA. My current setup requires a SmartCard to log into my personal workstation. My entire infrastructure is built on Windows Server 2012. Out of the box – a significant amount of configuration is required on the CA, CA enrollment process and domain to get SmartCards to work properly – and it seems not a lot of people have done this on Windows Server 2012. The specific issue that I ran into was getting a CA template to work properly for SmartCard enrollment. There are template duplication issues, template permission issues and template publishing […]


