1.0 Threats, Attacks and Vulnerabilities

This post is part of a larger series on Security+. 1.1 Given a scenario, analyze indicators of compromise and determine the type of malware. Virus: an old-fashioned term going back to the mid-1980s. A piece of software that may intrude into your system, often by attaching to other existing files. Viruses will propagate or spread to other devices. They would also activate - or perform some function such as erasing the boot sector on your hard drive....

December 22, 2020 · Steven Polley

2.0 Technologies and Tools

This post is part of a larger series on Security+. Common userspace utilities. ping: Sends an ICMP echo request to the destination and expects an ICMP echo reply; if no reply is received before the timeout, the output says so. If a response is received, the RTT will typically be displayed in the output for each response. Implementations differ between operating systems and userspace utilities. # Windows uses -t to get correct, sane behavior ping -t 8....

December 22, 2020 · Steven Polley

3.0 Architecture and Design

This post is part of a larger series on Security+. Using Guides for Risk Assessment. Guides are not necessarily hard and fast rules. The idea of guides is to set bias. Yes, we as humans cannot get around biases, even when we are aware of them. Guides can help us set a baseline to help get a feel for where things should be. The idea is to use the incredibly fast, yet flawed built-in calculator we have evolved to optimize - intuition....

December 22, 2020 · Steven Polley

4.0 Identity and Access Management

This post is part of a larger series on Security+. Auditing & Accountability: who’s making changes, and why are they making changes. Non-Repudiation: non-repudiation is when a person cannot deny having done something. For instance, if you are required to change someone’s password and have knowledge of its value, and that account then performed bad actions, you could be liable. To get non-repudiation, you must have confirmation the user has changed their password to something different....

December 22, 2020 · Steven Polley

5.0 Risk Management

This post is part of a larger series on Security+. Definitions. Risk Management: The identification and assessment of risk. Assets: Any part of our infrastructure that we are worried about getting harmed. Servers, network, services, applications, storage, people, intangible (such as reputation). Vulnerability: Weakness in an asset that leaves it open to bad things happening to it, e.g. an unlocked server room door, not changing default passwords. Threats: The bad action or event that could occur if a vulnerability were exploited....

December 22, 2020 · Steven Polley

6.0 Cryptography and PKI

This post is part of a larger series on Security+. Cryptography is the science and study of taking data and making it hidden so others cannot understand it. Cryptography provides confidentiality by using obfuscation. There are a lot of ways to use obfuscation to provide confidentiality. Diffusion. Confusion. Encryption: the process of obfuscating data. Decryption: the process of unobfuscating data. Cipher: Caesar cipher: a common cipher that shifts letters in the alphabet by some number....

December 22, 2020 · Steven Polley

Security+

I decided I’ll go for the SY0-501 Exam, and will share my notes here. You can find all of my notes here. At the time of this post, my notes are ongoing, very incomplete and are updated as I go along. There may be spelling, grammar grammar or grammar errors? Some sections are empty as well, but will be filled in the coming weeks. Free notes I've taken about the SY0-501 exam topics....

December 17, 2020 · Steven Polley

Port Knocking

Port knocking is security through obscurity. Now normally, I say anything to do with security through obscurity is bad practice if that’s the only thing you’re relying on. The idea is that it’s not going to outright secure your network, but it’s going to drastically reduce the risk of an attack during an attacker’s discovery phase. Hiding valuables in your vehicle when it’s left unattended will reduce the likelihood of a criminal passerby breaking into your vehicle....

August 3, 2020 · Steven Polley

Restic - Backups Done Right

I’ve been searching for a file-level backup solution that ticks all the boxes, specifically: Efficient - something that only copies differential data when performing backups; Secure - Encryption of data at rest and in-flight; Deduplication - Only store blocks of data once and use pointers to reference it; Storage Provider Support - Ideally NFS out of the box or even rsync, but hey if it supports the typical cloud providers too that’s a bonus; Trustworthy - Ideally free and open so that I can audit the source; Easy - I don’t want to invest an hour learning how to use it at scale; Ideally free. Man, let me tell you - there are not a lot of options out there that meet all these requirements - but I stumbled upon restic, and it seems to be the best option I’ve come across....

January 26, 2020 · Steven Polley