Methods for the prevention, detection, and removal of ghosts in digital networks We often find that clients are so focused on preventing attacks from malicious living humans that they completely neglect the threat posed by ghosts. With that in mind, today’s post focuses on defensive measures that can be implemented to (1) prevent ghost infestations; (2) detect paranormal ... READ MORE
Defense
Sophos UTM Home Edition 5 – SSL VPN
The topic of today's post is setting up an SSL VPN through the Sophos UTM Home Edition. The ease-of-use VPN solution was one of my primary reasons for pursuing this particular UTM in the first place, and so I think it's a topic definitely worth exploring. There are a variety of VPN options within the UTM. I'll only be covering the SSL option here. If you are looking to set up a ... READ MORE
Sophos UTM Home Edition 4 – Definitions and Rules
UPDATE: Part 5 - SSL VPN is now available. In the first and second posts in this series, we stepped through the installation of the Sophos UTM. Two weeks ago, we finished up the setup process. Now, we're going to start exploring the meat and potatoes of Sophos' free UTM solution. This week, I'm going to cover establishing definitions and ... READ MORE
Sophos UTM Home Edition – 3 – The Setup
UPDATE: Part 4 – Definitions and Rules and Part 5 - SSL VPN are now available. It's been quite a while since I wrote the initial two Sophos UTM posts. I recently upgraded from a really old, re-purposed HP box to a slightly-less-old Dell Precision 670 courtesy of steiner, and I took the opportunity to document the setup process. This post assumes you have followed the ... READ MORE
CTF – Exploit PCAP Walkthrough
RSM recently hosted a Capture the Flag competition for high school students in partnership with the University of Mount Union. Our team attempted to craft challenging but "solvable" problems for the participants to complete. When I was writing my challenges (they fell mostly in the Forensics category) my goal was to make problems that were something a high school student ... READ MORE
Password Filtering: Taking Bad Decisions Away from Users
(Originally published by @fluffy_bs) I recently had this conversation with a client following a pen test: Client: "What is our biggest security hole?" Me: "Your password policy is incredibly weak. We were able to brute-force passwords such as Winter14, Password1, and Company1. Client: "We just had a meeting where we reiterated our security policy. I told ... READ MORE
Vulnerabilities 2014: Moving Forward
2014 saw the release of a number of critical vulnerabilities that caused media storms and left script kiddies on the edge of their seats in anticipation of public exploits. These high impact vulnerabilities included, but were not limited to: Heartbleed CVE-2014-0160 Various ShellShocks CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, ... READ MORE
Sophos UTM Home Edition – 2 – The Installation
UPDATE: Part 3 - The Setup, Part 4 - Definitions and Rules, and Part 5 - SSL VPN are now available. Now that we've discussed acquiring a Sophos UTM license and downloading the ISO, it's time for the install. This process is extremely straightforward assuming the hardware of choice is compatible. Should any questions arise, concerned users should reference the Hardware ... READ MORE
Sophos UTM Home Edition – 1 – Getting Started
UPDATE: Part 2 - The Installation, Part 3 - The Setup, Part 4 - Definitions and Rules, and Part 5 - SSL VPN are now available. I recently built a house and was fortunate enough to be able to fill the walls with Cat6. This has allowed me to build out a significant home network which includes multiple wireless access points, a mixed Windows/Linux environment, and various other ... READ MORE