I finally got around to looking into SNMP v3 and was shocked at how easy it actually is. When I first looked up info on it so many moons ago, I saw table after tables of views and privilege levels and thought I would have to put in a billion hours getting it customized....
Posts Tagged ‘ security ’
Setting Up SSH on IOS Devices
By default, most Cisco IOS devices come configured to be accessed via telnet. This is probably fine for your house, but I really cringe when I run across corporate networks that use telnet to access the devices. Telnet is old and out-dated and can be very dangerous. It’s in plain-text, which means that anyone...
Security for Unmanned Devices
I was talking to a coworker the other day about setting up his home network more securely. “No problem,” I said, and we started listing devices on his network to see what we needed to do. I was pretty surprised that he had so many things on his network. I mean, I was quite...
Separation of Function
Separation of function is another important security concept that people often overlook. It can mean that a single person is only responsible for one part of a process. Or it can mean that one server only does one function. Or it can mean that one network is used for servers of one type. Or...
Port Knocking
A few months ago, a friend of mine told me about the concept of port knocking, where you send packets to a server on certain ports to authenticate access to the box. A daemon running on your server detects the sequence of packets that you send and runs a script (usually IPtables commands), waits...
Fallback IPtables
The hardest part of messing with firewall configs is knowing what is going to lock you out of the firewall itself. It doesn’t to me very often, but I’ve been doing firewalls for 10 years now. I was thinking about my own IPtables implementation at home and realized that I do most of my...
Using an Old Server as a Home Firewall
You can use an old PC as a firewall at home (and at work, I guess). It’s not that hard to do if you have a basic knowledge of Linux, DHCP, and IPtables, but that may be saying a lot. Why would anyone want to do this, though? If you’re like me, you like...
The Principle of Least Privilege
The Principle of Least Privilege says that users or applications should only have access to the what it needs to access and that access should be as limited as possible. This idea can be applied to any number of things, but it is a very important topic when talking about security. The idea is...
Recent Comments