Writing good ad-hoc security assessments – Part 2

Following on from part 1, in this second post in my series I’m asking the question “what should a good ad-hoc risk/impact assessment look like?”


Writing good ad-hoc security assessments – Part 1

I’ve seen a lot of attempts over the years at technical security assessments (TSAs, as good as any other term to describe them), both more GRC-oriented and technically-focused.

I’ve not yet seen a TSA that fits the bill fully, so in this post I’m setting out some ideas on what makes a good assessment and when it should be used.


WordFence Review – The leading WordPress CMS IPS?

For several weeks I’ve been trialling WordFence on my blog, not that you’d have noticed it.

WordFence is a plugin that can be added to any existing WordPress installation, adding Intrusion Detection and Prevention capabilities usually encountered on application layer gateways.


Getting xrdp up and running on Ubuntu 18 LTS

If you upgrade from 16.04 LTS to 18 LTS, you might find your XRDP installation fails to start. My advice is to remove the XRDP package and purge the configuration files after backing them up.

I set up XRDP so infrequently that I’ve written down some notes for reference below.


Is a retpoline-enabled kernel ‘enough’ to fully protect against Spectre Variant 2?

The Spectre attack exposed processors to memory disclosure attacks. Manipulation of indirect kernel calls may allow side channel retrieval of memory content (Branch Target Injection).

The Linux kernel was subsequently enhanced to mitigate this Variant II attack using the retpoline feature.


Chair’s summary and presentation – BCS Dorset AGM

Below you can find some highlights from the Chair’s report for the BCS Dorset AGM this evening, and the presentation. Full and final details will be made available on www.dorset.bcs.org


Linux Kernel 4.14/4.15 and AMD’s SEV memory module

In my previous post I made brief mention of some new features in the 4.15 (well, technically, 4.14) Linux kernel, supporting encrypted volatile memory (RAM). Apart from a brief awareness of industry initiatives in this area, I hadn’t closely followed this development and so decided to take a look and write up some findings in this blog post.


Reminder of the BCS Dorset AGM next week

Our AGM is fast approaching for the Dorset branch of BCS, the national association for computing in the UK and overseas. We’ve had a slight change to our plans, with a new Guest Speaker: Geoffrey Darnton. You can find more information on Geoffrey’s talk at our website www.dorset.bcs.org.

Due to changes in how BCS manages events, stemming from GDPR, we now use EventBrite and a ticketing system, so you’ll need to book a ticket in advance. If you’ve forgotten, don’t worry, simply turn up.


New security features in Ubuntu 18.04 LTS

A reluctant adopter of Ubuntu, I’ve recently upgraded one of my servers to Ubuntu 18.04 LTS.

There are some new features in the mix (both security and general functionality). A succinct and complete list of new features is hard to find, so here is one in case you are looking for the same:


Sinkholing malware domains using Bind DNS

Bind is a good DNS server; however, it has a slightly chequered history insofar as vulnerabilities are concerned. Nevertheless, it’s a good solution for internal networks and offers some flexible configuration options. In this post I’m going to add some security filtering functionality using Perl, Bash and some standard Linux tools.
