VMware vCenter SSO Authentication via OKTA (with SCIM User Provisioning – Locally Driven)

VMware vCenter can use a multitude of authentication methods, such as LDAP, Active Directory and SAML (ADFS), however since vCenter 8.0 U1 the ability to integrate with OKTA for authentication has been added, which allows for adding MFA (multi-factor authentication) for enhanced security and detaching the vCenter appliance from Active Directory. When switching to use […]

More...

Quick Guide – SSH Public Key Authentication (Ubuntu Linux)

A quick guide to setting up SSH Public Key Authentication. SSH Public Key Authentication means you can authenticate to a remove server via SSH without needing to enter your username and password. Instead you create a public-private key pair, then place the public key on the target server. Then when you SSH to the server […]

More...

What can people really see when you use un-encrypted connections?

Although its becoming increasingly rare nowadays to be using un-encrypted connections, let’s see what it really means at the network level. Un-encrypted connections on their own are not necessarily a problem, its all about what value what you are sending has and therefore what could be exposed to a nefarious actor. If you are viewing […]

More...

Simple Web Application Firewall (WAF) CloudFormation Template

A Web Application Firewall (WAF), is a layer of protection you can add to your web application. Adding a WAF to an Application Load Balancer (ALB) is pretty straightforward. You need to create at least one WebACL, to which you configure some rules (that filter the traffic), you can then attach the WebACL to the […]

More...

Road to CISSP – Certified Information Systems Security Professional

IT Security continues to be a very important topic in the IT ecosystem, ensuring your Information Security is as good as it can be also makes good business sense, through the reduction of risk of loss and showing commitment to your customers of your organisation’s quality and capability. Information Security doesn’t just come from technical […]

More...

NetApp Running SMB version 1 Impacted by Microsoft Windows (KB5019964) for CVE-2022-37967

NOTE: See https://geekmungus.co.uk/?p=3619 for the most up to date article! We’ve had an issue with the recent “Security Update for Microsoft Windows (KB5019964)” update, as by the looks of it a load of other people. In our case we are running Microsoft Windows 2016 domain controllers, the NetApp filers are pretty old we’re readying to […]

More...

ISC2 Certified Information System Security Professional – CISSP Registration Timeline

I’ve recently passed the CISSP exam. Passing the exam is just one step in becoming a Certified Information System Security Professional, once you’ve passed the exam there are additional steps required to achieve the certification. There is a lot of chatter about exactly how long the process takes to get registered after the exam, so […]

More...