AWS Security

Restrict AWS Console Access Based On Source IP Address

October 21, 2020

Zero trust, or risk-based authentication, can be hard to achieve (You can read more about it here). Organizations must trust the identity being used and the location from where the user is authenticating. Many cloud-based services, like AWS, have functionality built in to help protect your account. This is…

MariaDB MySQL Python

PyMyDB – Simplifying MySQL Backups

October 20, 2020

Let’s face it, when was the last time you performed a database backup? How about any backup??? PyMyDB was written to help ease the burden of performing MySQL and MariaDB database backups.

Statistics have shown that businesses do not perform regular backups on their IT resources. Worse yet, many…

Authentication Security Zero Trust

Building Zero Trust in Authentication

July 18, 2020

Building Zero Trust

When you think of zero trust, you tend to think of network segmentation: creating communities of interest (COIs) and segmenting servers away from each other to prevent lateral movement within one’s network. Network segmentation is just the first step in a zero-trust model. Others include authentication, segregation…

BIND Domain Name Service Response Policy Zone

BIND Response Policy Zones

June 10, 2020

Domain Name Service

Accessing resources across the internet is done through the use of IP addresses. When trying to access your email, Google for searching, or your favorite social media outlet, you are making a connection to their IP address. The Domain Name Service (DNS) converts a name to…

BIND Domain Name Service

DNS Architecture

April 10, 2020

Deploying a local BIND DNS server for an organization can be quite daunting. There are a multitude of options available within the configuration of the service. Though secure configurations are extremely important, one must not overlook how to architect its setup within a network. Architecting the service correctly…

Domain Name Service Svart Hal

Svart Hal: The DNS Firewall

April 1, 2020

With the unprecedented circumstances we as a society are facing, we have begun to transition from on-premise to a remote workforce. Though this transition is exciting to some, it can truly bring undue stress to an organization, its workforce, and IT infrastructure. Organizations that are new to a remote…

Domain Name Service Privacy

Continuous Battle Over Encryption And Your Privacy

October 13, 2019

Privacy vs. Services

The NCTA, CTIA, and US Telecom recently sent an open letter to Congress with concerns over Google’s implementation of the DNS over HTTPS (DoH) protocol. The DoH protocol allows for encryption of DNS lookups, providing additional privacy on the internet. In the letter, the companies state…

BIND Domain Name Service Privacy

BIND And DNS-Over-HTTPS

September 9, 2019

Privacy and security professionals have been pushing for encryption of internet traffic for many years now. Not only has there been a significant push from the privacy community, search engine giants like Google almost force websites to use encryption to increase search engine optimization (SEO) to drive higher results….

Privacy

The California Consumer Privacy Act And The .US Domain

May 25, 2019

As I start this off I would be remiss to state that yes, I have a .us domain, however so do many Americans. You see, the .us top level domain (TLD) is only available to those who reside within the United States. There are other requirements too such as…

NIST Security

Password Rotation And The Problem Of Not Doing It

May 14, 2019

Since the release of NIST SP 800-63-3 I have been asked, “Why does our company still perform password rotation?” This question is easier said than done. It is one that requires user awareness training, implementation of auditing and alerting software, and most importantly – multifactor authentication. All of which…
