In my experience, you can never have enough logging information. If you’re trying to piece together the causes of system failure, or attempting to trace the origins of a cyber-attack, your logs are often crucial in either case. In this post I’ll show how you can enhance a Linux installation to log all outbound TCP…
Squid is a capable proxy, and can be used to enforce security rules for small and medium-sized organisations. It’s also a cost-effective solution, e.g. if you’re implementing AP17.
Following on from part 1, in this second post in my blog series I’m asking the question “what should a good ad-hoc risk/impact assessment look like?”
I’ve seen a lot of attempts over the years at technical security assessments (TSAs, as good as any other term to describe them), both more GRC-oriented and technically-focused. I’ve not yet seen a TSA that fits the bill fully, so in this post I’m setting out some ideas on what makes a good assessment and…
For several weeks I’ve been trialling WordFence on my blog, not that you’d have noticed it. WordFence is a plugin that can be added to any existing WordPress installation, adding Intrusion Detection and Prevention capabilities usually encountered on application layer gateways.