What did I learn by going thru a NERC CIP audit? A lot… Read more

ISC2 has finally formally approved my CISSP certification.  One major goal for the year has been completed…now for all the rest!

It looks like big telco is trying to break up wholesale subsidies, according to an article in ArsTechnica. Read more

I’ve made a great deal of progress with my personal goals over the last few months. My CISSP is currently in review waiting for final approval, and my GPEN is in progress. I’ve even managed to post semi-regular blog posts.

We are steadily making progress on our family goals as well. A child enrolled in college, one property sold, another on the market, and an offer placed on our new property. If things keep moving at this pace, 2018 is going to be a great year.

More to come!

One of my biggest annoyances with my regular Nessus scans are the continuous medium risks related to weak SSL ciphers. Nartac Software created a simple tool to help admins fix these issues: ISSCrypto.  Simply download the tool, then run it as an administrator on your Windows box. I recommend you take the “Best Practices” template and apply those settings first. Always back up your current settings before changing anything!

I became aware yesterday that several sources are reporting Energy Services Group was “hacked” or “attacked.”  There’s been a little saber rattling about hackers getting control of the US energy markets.  Being that I’ve had some dealings with ESG over the years, I thought I might speak to this. Read more

A few months ago, I had moved almost all of my storage into Google Drive, OneDrive, or iCloud depending on the usage.  This allowed me to turn down my old Dell FreeNAS server in an attempt to save on my electric bill.  I’ve never been completely on-board with this model, even though I know I’m keeping some physical backups for emergencies.  It could be that I spend too much time listening to Michael Bazzell and Justin Carroll or the control freak in me, but not having control of my data really bugs me. Read more

Folks – it’s time to tick everyone off with network maintenance windows!  Cisco PSIRT released 30 vulnerabilities in their router firmware across multiple versions of IOS and IOS EX.  Three critical vulnerabilities include one hard-coded credential affecting all IOS XE routers running IOS XE v16, and two which affect v15 under certain conditions.  Fifteen high risk vulnerabilities run the gamut from denial of service, buffer overflow, and privileged escalation. Read more

The draft for this project has changed three times since starting – mostly due to resource constraints on my end.  I’ve bounced between hardware, hypervisors, and focus but I’ve settled on an approach.  My immediate needs outweighed the need for a full VMWare stack.  What I really needed was a FreeNAS replacement, and after trying a few different options I’ve ended up right back on FreeNAS 11.  This platform will support most of my storage, media, and VM needs for a year or so.  It will also support several options for backing up and securing my data, allowing me to get off the cloud as much as possible. Read more

TCP and UDP are two very different protocols.  I’ve spent a fair amount of time over the years explaining these two issues to our power engineers and technicians.  What better topic to post here. Read more