SECTION 9 Cyber Security 6m4l3c

We started out talking about Dorothy’s Cisco switch configuration. It quickly morphed into a conversation about vulnerabilities. It turns out that the switch doesn’t ssh. It could also have other vulnerabilities. Think of this conversation as a quick risk assessment. Rather than jumping up and down about possible security issues, we evaluate the situation. Sometimes things aren’t as bad as you think they are. LINKS Check out the Cisco config on our website Check out our Facebook Page

We did it! Or I should say Dorothy did it. She deployed her Asus Router on her home network. The deployment was flawless. We talk about the process and some of her fears. We also talk about how the OWASP Top 10 can be used in this situation. The OWASP Top 10 is a list of vulnerabilities or weaknesses. In this case we want to think about the vulnerabilities in the Asus Router. Once they’ve been identified, we want to take them out or make them more secure. This was a big step in the right direction. We still have a long way to go before Dorothy’s network is secure. SECURE ASUS ROUTER CONFIG 1. Updated the firmware 2. Changed the default to log onto the router 3. Setup a strong for Wi-Fi. Both 2.4 and 5 GHz 4. Changed the web interface access from http to https 5. Disabled UPnP or Universal Pug and Play 6. Changed the default network to something else

Dorothy and I review the OWASP top 10 and my failure at answering one important interview question, “What is the OWASP Top 10?”. I recently had a job interview for an information security analyst position. I was asked some general security questions. All of which I think I answered OK. Then I was asked, “What is the OWASP Top 10?”. My answer was terrible. LINKS OWASP Top 10

#81 Configuring Vlans, Subnets & Routing

#80 Adding Security to a Network

In this episode we talk about our Synology DiskStation and the failing hard drives. Two of the four drives have bad sectors. We go through the process of replacing them. We also talk about how this fits into security using the CIA triad. You need to think about the availability of data. Something a lot of IT departments don't take into consideration. LINKS 1. Synology - The Synology website 2. Fault Tolerance 3. Backup

In this episode we try to answer three questions. How secure is Last? How is information securely transferred between devices? How is information securely shared between s? We do our best to answer these questions. 

#77 Last, Yubikey, & Two Factor Authentication

#76 Basic Linux Server istration

#75 IP Addressing & Network Design

We're getting ready to move our network to Dorothy's new computer room. This will be a lot of work. We talk about the equipment, some planning and things we need to work on. LIST OF EQUIPMENT 1. Palo Alto PA-220 Firewall 2. 3 Cisco 8 port 3560 switch's  3. Synology Disk Station - DS218+ 4. Raspberry Pi Stack 5. Gigabyte server - Gigabyte Mini Intel Core i7-3537U 2GHz Compact PC Barebone (GB-XM1-3537)

#73 The Level One Robotics Data Breach

#72 DNS With BIND9

Our DH failover system is up and running. It’s pretty cool seeing this in action. We talk about what we […]

In this episode Dorothy and I try to understand the ISC DH server fail over configuration. There are two servers, […]

In this episode we talk about setting up a DH server on Linux. We go through the process of installing […]

A lot of security experts talk about threat hunting, packet analysis and pen testing. Can you do effective threat hunting? […]

In this episode Dorothy tests Ubuntu 18.04 Bionic Beaver. I go over some of the projects I’m working on. We […]

For this episode, Dorothy decided to ask me how I got into IT. We also talk about why we focus […]

In this episode we talk about Disaster Recovery With Backblaze B2. We talk about backup, recovery, business impact analysis, and […]