The ramblings of a computer geek
A Web Application Firewall (WAF), is a layer of protection you can add to your web application. Adding a WAF to an Application Load Balancer (ALB) is pretty straightforward. You need to create at least one WebACL, to which you configure some rules (that filter the traffic), you can then attach the WebACL to the … Read more
IT Security continues to be a very important topic in the IT ecosystem, ensuring your Information Security is as good as it can be also makes good business sense, through the reduction of risk of loss and showing commitment to your customers of your organisation’s quality and capability. Information Security doesn’t just come from technical … Read more
A big topic at the moment in Information Security is multi-factor authentication(MFA), also known as two factor authentication (2FA). So the first question, what is a “factor”? Put simply a “factor” is element that a principal (i.e. a person trying to logon to a system) can use to prove to the system they are the … Read more
The Kemp WAF is based on the OWASP ModSecurity Core Rule Set (CRS), it is a set of firewall rules that are loaded that provide generic signatures for common attack types (e.g. SQL Injection, XSS and so on), it uses string matching, regex techniques to look for and block attacks in a general way. What … Read more
NOTE: See https://geekmungus.co.uk/?p=3619 for the most up to date article! We’ve had an issue with the recent “Security Update for Microsoft Windows (KB5019964)” update, as by the looks of it a load of other people. In our case we are running Microsoft Windows 2016 domain controllers, the NetApp filers are pretty old we’re readying to … Read more
I’ve recently passed the CISSP exam. Passing the exam is just one step in becoming a Certified Information System Security Professional, once you’ve passed the exam there are additional steps required to achieve the certification. There is a lot of chatter about exactly how long the process takes to get registered after the exam, so … Read more
You may find you need to perform a check where the FQDN you are monitoring doesn’t correspond to the IP address and some form of virtual server (or host headers) are in use. Now normally using a command like: Should just work however in certain instances depending on the configuration of the web server you’ll … Read more
NMAP (Network Mapper) is a great tool for scanning your network to identify active hosts and the open/available services they have. NMAP provides quite a granular output for the port states, six in-fact, rather than just an open and closed. I’ll give a brief overview of the three main ones you’ll come across: Open, Closed … Read more
Information Security has a number of foundational concepts, such as the Confidentiality, Integrity and Availability of information, information assets and services. In this article we’ll explore four key concepts that are good to understand to assist you in building and configuring secure systems and therefore protecting and improving the Confidentiality, Integrity and Availability of your … Read more
In this scenario I had a pair of Palo Alto Firewalls that were providing firewall services as a perimeter pair of firewalls acting in an active/passive cluster. Due to our internal network configuration, use of OSPF etc. the interfaces (ports) on the passive firewall were set to be down/disabled when that firewall was not active. … Read more