
Showing posts from 2022

Safely and Securely Back Up Your Virtual Machines on Someone Else's Computer

In healthcare, it's critical that IT professionals have a solid backup game. The workflow at job.current has undergone several iterations of backup strategies, and our offsite backup plan has never been as cohesive as I'd like it to be. Our infrastructure has undergone many changes over the last two years, and upon realizing that our offsite backup strategy had gaps, I escalated the priority of closing those gaps to SEV1. Prior to Windows 7's demise, we were running several Citrix XenServers which served up a Win 7 VDI grid as well as infrastructure servers (LDAP, print servers, file servers, app servers), and one legacy VMware ESXi server (more of the same minus the VDIs). Each of our servers was running on identical 2U SuperMicro whitebox hardware with 24 cores of Intel Xeon CPU power, 192GB of memory, and a RAID-6 array of 2TB spinners. As we phased out our VDI infrastructure, we were looking to also move away from XenServer completely, as Citrix had unfavorably changed

Neither Imap nor Yourmap: Yeet Legacy Authentication!

Every so often, the prevailing forces in the IT industry collectively decide that a protocol must be deprecated. The Internet Message Access Protocol (IMAP) appears to be one of the latest victims of this phenomenon. This has caused some inconveniences, but I'm okay with the reasoning behind this: an increased emphasis on security and a requirement for multi-factor authentication. Of the tech giants I've seen addressing this, it seems Microsoft hates IMAP more than Google does. I use a library that reads my Gmail messages through IMAP, and Google's way of handling the inherent flaws in the protocol is to set up separate credentials for accessing Gmail via IMAP. From a security standpoint, this seems like a half-measure, but it's better than nothing. Microsoft is strongly recommending that Exchange administrators disable IMAP and POP3 (seriously, why is anyone still using POP3?) and make sure two-factor authentication is on for all tenant accounts, whether they're shared

Mind your Zones with ZoneMinder

A necessary component of any good cybersecurity program is physical security. Being able to monitor the physical footprint of your facility is important to the integrity of your network and hardware environment. However, some closed-source or otherwise proprietary camera monitoring programs are expensive, clunky, not user-friendly, and sometimes a mix of all three. Even worse, security camera monitoring systems might charge per camera, quickly getting out of hand in terms of cost for larger facilities or those which need a lot of camera coverage. To avoid the hassle we faced with our previous use of a closed-source, Windows-only monitoring system, we switched some time ago to ZoneMinder. Why ZoneMinder? Being FOSS fanatics, Justin and I wanted a CCTV program that would run easily on Ubuntu Server. We were also switching away from a Windows-only program that charged us per camera, making it a financial hassle to cover additional sectors of our facility. With ZoneMinder, we can add as m

Auto Warranty Scam Calls Exposed

One thing I've started to enjoy is picking up on scam calls and wasting as much of the scammers' time as possible. Maybe it's altruism and not wanting that time to be spent successfully scamming vulnerable/gullible people. Maybe it's my white-hattedness wanting to dig as deep as I can to keep others safe. But my desire to figure out this particular scam definitely has something to do with my distaste for people who make their living by scamming other people. The auto warranty scam calls only took me a few rounds to figure out the overall scheme. Here's what I've found out. Make/Model/Year: Make and model are fairly irrelevant. As long as you match something up decently, you can keep the scammer's attention. Year is the most crucial thing to get right or wrong, depending on the point in the call. Auto warranty scammers will ask for up to three vehicles if your first two don't "qualify" for the supposed extended warranty. I start out with a modest

An Open Letter to Organizations with Sh!tty Password Policies

Dear Organization with a shitty password policy, The year is 2022 and you still haven't learned (from readily-available lists of 600M+ exposed passwords, other companies' breaches, and your own recent breach) that your password policy is a dried-up, crunchy, desiccated piece of suburban-backyard dogshit. The year is 2022 and you're still using short passwords that expire soon after being set. You insist on 8-character passwords that expire every 30-90 days because you can't trust your employees and/or customers to be responsible adults. You insist on 8-character passwords that expire every 30-90 days, and your end users hate your IT department and the computing environment as a whole for this one simple reason: they have to keep changing their weaksauce passwords before they can commit them to memory. And when a botnet invariably cracks one of your users' passwords in under 24 hours, your end user has to change it again... if you even have any logging detection s