Did you know that an organization with more open ports is more vulnerable to data breaches?In the first, second, and third parts of the Are you listening to your logs? series, we saw how logs can be used to detect security and operational issues in a network. In the final blog, we’ll talk about open […]
Simple Denial of Service DOS attack mitigation using HAProxy
Denial of Service (DOS) attacks can be especially effective against certain types of web application. If the application is highly dynamic or database intensive it can be remarkably simple to degrade or cripple the functionality of a site. This blog article describes some simple methods to mitigate single source IP DOS attacks using HAProxy. I’ve described how you would implement the techniques using the Loadbalancer.org appliance but they are easily transferable to any HAProxy based cluster
Don’t Be ‘fraid of No Ghost – WSWiR Episode 137
If you want the best network defenses, you need to stay abreast of the latest information security news; but I realize most IT folks don’t have the time to stay informed on their own. Let our weekly video do the heavy lifting, and quickly share the biggest infosec news.
Sony Breach & More – WSWiR Episode 131
Operation Cleaver, FIN4, Regin, and Sony Breach Now that cyber attacks have gone primetime, every week is filled with new information security (infosec) news, leaving administrators little time to catch up.
#OpKKK – WSWiR Episode 130
Emergency Windows Patch, Malware Vs. Passwords, and #OpKKK Nowadays, researchers, hackers, and the media bombard us with tons of information security (InfoSec) news each week.
The Poodle SSLv3
So here we go again! SSL is broken once more and this one now leaves us with no SSL Ciphers that we can reliably use in a live production site so I guess this now forces us to use the TLS suite of ciphers which in the past have also had problems. Lets put it this way – if you use any form of SSL ciphers your vulnerable! Qualys have again been quick to update the Qualys SSL Labs Test tool that they provide which is free to use. This will test your SSL Certificate and all the currently usable Ciphers for your site
WatchGuard Security Week in Review: Episode 43 – Tumblr Worm
Tumblr Worm, Spoofed Tweets, and Madcap McAfee Wow. I knew information security news was picking up over the past few years, but lately it seems like our own little industry reality show; complete with mysterious murders, border-crossing heists, and random heart attacks (not to mention, colorful personalities).