Python has become a phenomenally popular language. Although many people use Python to create packages and web pages, many do not understand the power Python can bring for the creation of command line tools.READ
This is the first part of a two-part series on how to create, test and deploy a custom CyberArk TPC plugin. In this tutorial, we will be creating the nucleus of an application to allow us to change passwords on devices. Although this plugin is intended for CyberArk we do not need to interact with CyberArk to accomplish this, testing and configuring the application for CyberArk will come in the second instalment of this series.READ
Recently I decided to investigate the type of requests that I would receive if I had opened up SSH to the world. The following are the results of that investigation. First some background. The SSH service was being run on a Raspberry Pi and was the sole device on the internet connection. The internet connection itself was a standard residential broadband DSL service. At no point was a domain pointing towards the IP. Any SSH requests were speculative. At this stage, I was only interested in the login attempts rather than what was trying to be done if a connection had been established. I logged the requests for a little over 7 days.READ
Some time ago I wrote an article entitled “I Opened My Connection To SSH Attacks, And These Were The Requests I Saw”, although I knew that there would be a significant number of attempts at gaining access too my SSH server, I really did not appreciate the sheer numbers that would be involved (over 100,000 attempts in 7 days). SSH is a significant risk to your network security if not secured properly, that being the case what can you really do to secure it. In this article we will look at methods you can use to help secure the SSH service on your device. Any instructions that are given focus on Red Hat based systems, however, these should easily be transferable to other flavors of Linux.READ
Over the years many of us have succumbed to a very serious condition, sign-on fatigue. Being required to continually supply a username and a password whenever you wish to start using a site or to log back into it. We all knew the passwords should differ between sites, however, when so many are needed this becomes tiresome at best or even impracticable. When we hit this wall, we tend to find shortcuts, in this case reusing passwords. Over the years a few of the larger organizations recognized this and offered their own solution. Organizations such as Google, Microsoft, Facebook and Twitter (among others) started offering a single sign-on service.READ
For some time now, I have been a loyal LastPass customer. Passwords can be tricky and a serious issue to keep track of. However recently I came across an unexpected advantage of using such a password manager. On the 22nd of October 2018 I received the following email:READ