Skip to main content

Posts

Showing posts from December, 2018

#LearnedIT: IT Security Foundations - Protecting Our Server

Hi again, same course, different submenu.

Let's play a game -  Based Upon the Menu, How Much Do I Remember? I did take Sever 2008/12 during my time in college and found it one of the more fun aspects!

Hardening the Server -
Put it behind a correctly-configured firewall if it's facing the internet. Correctly configured means the proper rules are established regarding access (think 'allow tcp any any') , and ports on the server should be closed if they're not being used unless, again, it's properly configured. Use ACLs to allow one computer located in an area you know is safe and has limited web access to configure the server. 

Run auditing, and don't give any one person more permissions than they need. Principal of least privilege! 

Train your users.

Lisa Bock, our author,  doesn't get as deep as I do, but helpfully reminds us that the physical server should be in a secure, monitored environment to ward off intruders and also overly cool or hot (or humid) …

Packages With JSON

Default name is name of folder you’re in (Node)
- enter
Version #
Description: What is the project about? It’s a tutorial, so let’s name it such.

GitHub link.

Javascript and Servers

A bigger step from My Phone, The File Server.

GitHub link - Open Servfile.js

Out of habit, I typed https in the opening const areas in several places. It doesn’t seem to have had ill effects, though you can see that the connection is not secure;




Welcome to Javascript

Node.js is an open source environment for Javascript.

And now that I've concluded the basics with Python, let's keep the ball rolling. I find that, even though Javascript looks a lot more complicated, I gel with it a bit easier, and I'm not sure why.

This is around the first 35 minutes of this tutorial here. I'm going to work through this and find some other resources. I've already found said resources and they look a little different in the code department than this, but it's mostly the same.

We make three things here;



Introduce ourselvesMake a small gameEstablish classes and events

Webinars and Where To Find Them

If you can’t easily reach an in-person seminar, there’s always the online option - but where do you find them?

Let me share with you how I've come across avenues that have increased my knowledge.




Cloud Fax (Yes, Faxing) Ft. Esker

Yeah, Fax is still a thing! And now it’s up there! *Makes a vague pointing motion to the sky*

This seminar is brought to us by Esker, and it was pretty informative! I didn't note everything. There are maintenance fees, security risks

Cloud has:
Tech support with no maintenance fees.
No ink or toner or troubleshooting - and there is a pay per use pricing mode.

You can send Cloud Faxes

- By email attachment (SMTP to fax)
- The cover page is the subject.
- “print” via virtual printer that takes you to a splash page on sending your fax.

Book: Click Here to Kill Everybody by Bruce Schenier

"There is a fundamental difference between crashing your computer and losing your spreadsheet data, and crashing your pacemaker and losing your life," 
Blog Post

If you follow me across the web, you know I deeply distrust the Internet of Things. In making things easier for the non-techie, having simple or non existent security options makes them - and everyone else - more at risk for cybercrime.

I finished my Security+ book and read Click Here to Kill Everybody.


Seminar: Cisco Live 2018: Best Case Security For Worst Case Scenarios

Machine learning! Metadata! Phone calls!

Secure My Business (With Cisco Umbrella)

☂️ ☂ What is Cisco Umbrella?

Cisco Umbrella is the solution. 
But of course!

As the industry’s first Secure Internet Gateway in the cloud, Cisco Umbrella provides the first line of defense against threats on the internet. Because Umbrella is delivered from the cloud, it is the easiest way to protect all of your users in minutes.