Performance and security is always a balancing act, but in the case of DNSSec it’s a no-brainer. In short, DNSSec allows a client to trust the domain owner when performing DNS queries. It’s another step to defending your domain (and subsequently your content and network) from the bad guys. An added benefit is there is no noticeable impact to performance! CloudFlare just released a great blog post on their DNSSec offerings and how they are expanding.
Did you know you have a public Amazon profile that is automatically created when you sign up for an Amazon account? This profile doesn’t provide too much information publicly by default, but it is another data point for 3rd parties. Michael Bazzell from Intel Techniques provided a quick guide in his latest email newsletter on how to take a few easy steps to secure your Amazon profile. The following is an excerpt taken from his email, and is intended only for a quick reference.
Everyone needs to do some housekeeping at different points, and I figured it was time I did some a basic security sweep of my setup. To get started, I performed a quick packet capture on the very server that hosts this blog. I decided to give one of CloudShark‘s newer and more distinct features a spin with my recently created account; their Threat Assessment tool. I thought it would be interesting to pit this against PacketTotal as well.
What’s that yellow sticky note poking out from under your keyboard? Is that your password? If you’re like many people this may be the case. While this may be practical and convenient, it’s not a good idea. It might be ok in the privacy of your own home, but it can still be risky. Privacy and security (online safety) is all about managing your risks and deciding what is right for you.
I have had several family members and friends lose access to their social media accounts, have malicious emails sent from their address, and even succumb to ransomware. The nature of these “hacks” or “attacks” varies widely, so there isn’t a “one-size-fits-all” solution. But, even though there are many ways to break into a house, doesn’t mean we don’t lock our doors or leave the key in the mailbox for everyone to use.
A couple of years ago I had the privilege of attending a seminar about electronic privacy and security led by former FBI computer crimes investigator Michael Bazzell. If this is your first time hearing that name or digging into this topic I highly encourage you to visit his websites, listen to his podcasts, and/or read his book. His blog is a great place to start. You can find it here: https://computercrimeinfo.
Note: I apologize for the loss of the screen shots. When I transferred my blog host the images were lost and I did not yet have a backup copy. Being that I actually enjoy networking and it’s not just a job, I like to explore new and different technologies. I also like to continue to learn and branch into areas where I’m not as comfortable. One of these areas being firewalls.