There are people who enjoy messing with scammers by replying to scam, or implementing the Jolly Roger Telephone company. While its a few years old, I just watched a couple of James Veitch Ted Talks on what happens when you reply to spam email. Its hilarious.
Dreamhost was sending me cryptic emails about my site using too many resources then dieing as a result. Then Jetpack site monitoring was finding the site down, presumably due to running out of resources. And the homepage loaded too slowly. So a technical problem was at hand. There aren’t a lot of resources out there …
Long before WannaCry used a recently patched Microsoft vulnerability to exploit machines, the recommendation was to disable SMBv1. Disabling old protocols isn’t sexy. You’re breaking things, and not introducing new features. You’re fixing theoretical future attacks. Perhaps the willingness to take on this challenge is a good measure of the maturity level of …
One of the better things you can do to protect your money spent on electronics devices is have a good surge protector and battery backup. If you’re like me, you only buy the kind where you can disable the audible alarms. The problem with this is now you might not get any warning if …
FTC Chief Technologist Lorrie Cranor wrote in March it is time to reconsider mandatory password changes. Unless there is reason to believe a password has been compromised or shared, requiring regular password changes may actually do more harm than good in some cases. (And even if a password has been compromised, changing the password may …
I received the following voicemail on my home number today. “The reason of this call is to inform you that the IRS is filing lawsuit against you to get more information about this case file. Please call immediately on our department number 347-637-6615. I repeat 347-637-6615. Thank you.” While tax season is the high season …
This week Tenable released a new “plugin” (what they call a vulnerability detection) named “Web Server HTTP Header Information Disclosure”, plugin id 88099. In spite of even the title saying it only an information disclosure vulnerability, they rate this a medium. In my environment that means we need to address it. I think its a …
Continue reading ‘Vulnerability Scanners and HTTP Headers’ »
I had some Windows 2008 R2 servers in Amazon AWS EC2. To save some money, they were turned off when they weren’t needed. I noticed when I did boot them that they had some time issues apparently jumping from Eastern US time to UTC time for a while before switching back. It seems when …