August 21, 2018

Category: Defensive

Tenable Nessus, where has my API gone?

Nessus Professional (Pro) is undoubtedly one of the cyber security consultant’s favourite tools. It has also been a widely adopted tool for organisations on a budget looking to start out in the never-ending world of vulnerability management. Its humble beginning starting out as a fully open source tool, to the favourably priced commercial entity we see […]

DNS Sinkhole – What is it & Why do I need one?

In this post I will talk about DNS sinkholing, what it is and how it can help you identify potentially infected machines. Useful in the fight against malware such as viruses, ransomware and cryptojacking! What is DNS? Domain Name System – in very basic terms, the internet (and local networks) are all routed by […]

Cisco :: Upgrade or Reimage Firepower 8300 Sensors?

Recently I was tasked with upgrading some new Firepower 3D8350 sensors which would later be stacked into a 3D8360. These devices were shipped with software version 5.4.0.1 and I had a customer requirement to upgrade the sensors to version 6.2. I would normally stack these devices and upgrade them using the FMC, however, I didn’t […]

CCIE Security v5 :: TCP Interception

This article accompanies the demonstration video I have created below. TCP interception is a CCIE Security version 5 blueprint topic. What is TCP interception? TCP interception is a method used to protect against TCP SYN-flooding attacks. This is achieved by intercepting TCP connection requests (SYN packets) and verifying the connection before passing the original TCP SYN packet […]

Cisco Umbrella :: Secure Your Home Network For Free

Every time you visit a website, in the background your device/s will request something called an IP address for the website that you have just entered, this is called Domain Name System (DNS) resolution. Keeping our focus on home networks, your provider would have normally already configured the relevant DNS settings for your network, which […]

Security Concerns :: Ransomware

Working for a security consultancy/MSSP business, I come across a lot of customers who in the past have gone to companies seeking advice on a particular security threat that is getting more media attention at that particular moment. More often than not, the “Security Expert” (salesman…) sells them a device; promising them it will fix all […]

How secure is IEEE802.1x?

I’m a huge fan of deploying “dot1x”. With very little configuration (a Windows NPS server, a little group policy and some access switch commands) you can authenticate every device that connects to your network. Unlike MAC-based security, dot1x ensures that your devices must be successfully authenticated by a centralised RADIUS server before they are […]

Can RansomFree Protect You Against Ransomware?

According to ZDNet, the cost of ransomware hit $1 billion in 2016. Businesses and unsuspecting users were hit with popular ransomware such as Locky and Crylocker and found themselves locked out of their own systems. Many of those affected by ransomware found themselves paying large sums of money to salvage their business-critical documents and […]

Lightning Talk: UTM’s

Earlier this week I delivered a presentation about UTMs to businesses on the Isle of Man. This lightning presentation aimed to give a brief overview of Unified Threat Management solutions and the considerations to keep in mind. The link below will take you to the presentation, if you have any questions please feel free […]

Mubix – Attacker Ghost Stories

This is a great video with some novel out-of-the-box methods for defending the modern enterprise. I just had to share it as to date it’s got just over a thousand views and it’s actually got some really good, original content. It’s hosted on YouTube so I have embedded it below. Watch, learn and apply and […]
