notes from an admin for himself. you can read it if you want.

Entries Comments

Custom Search

Category: security

Untangle firewall common ports to unblock

16 December, 2009 (07:20) | antivirus/spyware, networking, security | No comments

If you are setting up an Untangle firewall and want to use it at your house or business but might not know common ports to allow, here is a list. I have things a bit tighter at work but at the house I like to have instant messengers etc working. Skype TCP ports 13861, 34954, […]

Set ossec to monitor mysql logs on red hat (not log ossec in mysql)

18 September, 2009 (14:19) | linux, security | No comments

How to configure ossec to monitor mysql logs… not putting your logs into mysql.

Windows Updates can learn a lot from Linux

25 August, 2009 (09:57) | OS, security | No comments

Windows patch management needs to be a little more like Linux

Hahhahaaha, I mean, oh sucks for VA

5 May, 2009 (06:48) | antivirus/spyware, security | No comments

Well Virginia went and lost their prescription drug data.  8.2million people worth of records are being held ransom by some idiot who I’m guessing is young, American and maybe drunk.  Here is the link to wikileaks who broke the story. Maybe this will be the new tax needed to make companies/govt agencies provide resources to […]

Securing HIPAA data on a laptop

4 May, 2009 (18:22) | prediction, security | No comments

I’m tired of looking for resources that define how to properly secure Hipaa data on a laptop. HIPAA Title II is vague and seems to indicate that you need to secure patient data with good current industry standards. What are those standards? It reminds me of FERPA. I’m going to define “best effort according industry standards” […]

Ad blocking

28 April, 2009 (17:42) | antivirus/spyware, security | No comments

Firefox ad blocker – Adblock plus – easy install. Works well. Google Chrome ad blocker – follow the instructions, it will only take a minute or two to copy and paste what you need. IE – download and run IE8, turn on the “in private” browsing thinger. For all 3 – download and install […]

Predictive dynamic blacklisting

24 July, 2008 (05:36) | prediction, security, software | No comments

Are they ever going to call it blocklisting and smurf listing or something? This black and white thing generates some bad press. ANYHOW… SRI and SANS came up with this sweet predictive blacklist fun. It reminds me of what Symantec used to do with their free log reader software, Deepsight . Symantec used to give this […]

Iphones can not be trusted for corporate data security

17 July, 2008 (08:10) | mac, security | No comments

I just posted this on spiceworks: Iphones cannot do data encryption. In my opinion this is an auditors dream. SOX, HIPAA, DOD, PCI compliant companies can’t use an Iphone. So every health care, publicly traded company, payment card industry and a LOT of government. Companies who value their intellectual property can’t use an Iphone. So […]

Encryption plugin for Pidgin and AOL

15 July, 2008 (18:05) | security, software | No comments

Pidginis listed on my favorite free software page as a do it all instant messenger. There is an AWEOME plugin for it called OTR for encrypting your messages. When you are using it you can tell it to turn off logging or leave it on. GO HERE to get it. Look for the link specific […]

Cool website for security info – Dark Reading

9 July, 2008 (17:00) | security | No comments

Check out this great story about why not to allow peer to peer applications in the workplace. DarkReading All it takes to ruin your company is one developer getting lazy and saving a file to a directory where the shared files are on a P2P app. Or one person with HIPAA data. Mistakes happen. Holes […]

 Newer entries »