
Blog

Hackathon Gems
If you’re attending a hackathon/security conference looking to recruit good security professionals, keep an eye out for those using personal Internet devices, tethering via cell phone, or better yet, tethering via a cable connection to their cell phone to gain internet access. As to those who are using the convention center’s free Wi-Fi during a hackathon/security…

Two-factor authentication – just do it already!
During a recent conversation, I was asked to briefly describe what two-factor authentication is, while keeping the technical bits at a minimum. In the age of everything web, most of us have heard of two-factor authentication. Commonly referred to as 2FA or MFA, it simply is the composition of two secrets, one static and the…

Fail2ban on OpenBSD
Fail2ban is a nifty security tool that can monitor log files (ssh, Apache, Squid, etc.) and execute commands, such as adding an iptables rule to block the offending IP address. On Debian/Ubuntu, fail2ban is available in the repositories and, once installed, it will start protecting ssh by default. Such a great safety measure for so little work required…





