By SECTION 9
Just two people trying to do IT and Security the right way.
We signed up for the Purple Teaming class put on by Black Hills Information Security. It was a bit overwhelming, but we learned a lot.
We’re doing a quick review of the Verizon Data Breach report. We’re also looking at Microsoft 365 options. We’d like to migrate to it if we can.
Black Hills has put out another amazing blog post. This one is titled “A Pentester’s Voyage - The First Few Hours”. We’re not pentesters, but we can learn a lot from the process.
We need to make sure our projects are useful. To help us do that, we’re mapping our projects to the Critical Security Controls. We’re also looking at the Black Hills presentation on How to Build a Home Lab. This is...
It’s been an interesting week. Wireshark saved me at work. Wasn’t expecting that. I’ve been using the Security Onion training. Learning how to set it up and install test data. I’ve also realized that a security lab needs evil. How...
Good news. Everything works! We still have to manage IP addresses, subnets, VLANs, firewall rules and more. That hasn’t changed. What has changed is that it all works. Our hard work is paying off.
That’s right, we have a new VMware server. We also have a new set of problems. How do we manage VMware? How do we access it over a VPN connection? What Fortinet firewall rules do we need? What IP address...
Time to document our Fortinet equipment and plan for our VMware server. Dorothy will do the documentation. She needs to see how the network was put together. Once some of that’s done, we can pick out a server. The sooner...
Meraki firewall is out, Fortinet equipment is in. It works! Things to think about: 1. How many devices do you have? 2. How many Subnets will you need? 3. How many switch ports do you need? 4. What kind of features do you need? 5....
We have a VMware server. It’s kinda wimpy with only 32GB of RAM. We need more power. More power means we can do more things. We’re looking at hardware options.
We installed Dorothy’s FortiGate Firewall. It works! Not only that, but we can see network traffic. What online apps are we using? What websites do we go to? Once we have this information we can plan for better security. Note:...
It Works! Well, sort of. Our stack of Fortinet equipment is working. Unfortunately we’re not sure why. We just know it works. Another bit of good news is that we managed to do all the configuration from FortiManager Cloud. This...
Another Saturday, another issue with our Fortinet project. We’re not sure what happened. We had plans to configure the switch and the wireless access point. It wasn’t meant to be. The firewall lost its connection to FortiManager Cloud. We had...
Can we do a basic Fortinet firewall configuration? Yes we can. The trick is to start simple and work your way up to fancy. We still have no idea how to use the FortiManager Cloud configuration tool. We don’t know...
Time to get things connected to the cloud. FortiManager is Fortinet’s enterprise management solution. They have two versions. On prem and cloud. We went with the cloud version. Getting things connected was a bit tricky. Lucky for us Fortinet...
We’re unboxing and connecting our Fortinet gear. There’s a lot to do before we start configuring our new Firewalls. Once again, we chose to go with the FortiGate 60F. This is the device we’re starting with. We will be going...
Our Fortinet gear is on the way. It’s time to start thinking about our network design. What kind of traffic do we want going in and out of our network? Where do we place our servers? Do we need new...
After carefully examining our options, I ordered our Fortinet equipment. How did we choose this hardware? What factors go into selecting a firewall? This is an expensive purchase. Make sure you do your homework before you buy anything.
We’re moving forward with our Fortinet firewall project. We’ve picked out a firewall, switch and access point. There’s still a lot of work to do before we order anything. We’re working with the Cisco Network Life Cycle. This will help...
We’re getting a new firewall! That’s one of several projects happening early next year. Also on the list is our Azure migration and our certifications. We’re applying our relaxed company culture to these projects. We don’t want any unnecessary pressure...
This episode is about PlexTrac, security audits and company culture. We had planned to do security audits for others as part of our business. How can we do a security audit if we can’t even produce a podcast properly? Some...
Time to start planning for the Windows 10 certification. The modern desktop administrator associate. Why do we want this cert? What’s on the test? How do you study for it? What are some good study materials? We cover all of...
We did okay this year. Managed to take a few steps in the right direction. Automated patching with Automox was one of them. It’s now time to start planning for 2020. We have a few certs and projects we want...
We’re running away to Hawaii for a week. What do we do with our systems? Something to think about when your IT team is just two people. Just like everything else we do here at Section 9. We need to...
The Microsoft Azure tutorial we’ve been following is more work than we thought. Accessing the Windows Server 2016 VM in Azure is tricky. They want this directly connected to the internet with RDP wide open. That might work for testing....
Thanks to Jack, a listener of the show, we’re looking at Azure pricing. What are we paying for? We’re not sure. Microsoft says they’re being transparent with Azure pricing. I’m not sure about that.
More Azure! We’ve added a custom domain and configured a password reset option. We’ve also made Dorothy an owner of the Azure subscription. It took a bit of research to get this done. The tutorial is good, but it doesn’t...
Time to learn about Azure. Last episode we talked about Azure Active Directory Federated Services. What we really want is Azure AD DS.
We’re looking into new technology like Azure AD FS. Before we can start new projects, we need to get the operational side of things in order. We’ve done a good job of clearly defining a patch management process. It’s time...
Are fancy security solutions like Palo Alto firewalls, ExtraHop or LogRhythm going to keep you secure? By themselves, no. It doesn’t matter what the vendor says. There’s no such thing as a security solution that magically saves the day....
How do we do Section 9 projects, keep systems running, and record a weekly podcast while having full time jobs? We need the right combination of tools and process.
Time to talk about the new job. Can’t say much yet. I start this coming Tuesday. I can say that what they offered was too good to believe. They want to do the things we talk about on the show....
Time to start securing systems and software. To do that, we’re using the CIS benchmarks. These are configuration guides for things like Windows 10 and BIND 9. The two things we’re focusing on. We have to start somewhere.
Are we going in the right direction? Are we doing the things we said we would? Time for a quick review. Overall, we’re doing pretty good. There are a few things we need to work on. That’s okay. Now’s the...
We found a couple of vulnerabilities during our weekly patch review. According to Automox, we needed to update Google Chrome and Microsoft’s .NET framework. This led to a discussion about patching early. Don’t panic. Make a plan before you do...
We’ve got a Synaccess network connected power strip. Devices like this aren’t built with security in mind. Is this device a security issue? Should we be concerned? Could a hacker access this device?
We have business & tech issues to deal with. On the business side, we have some basics to take care of. It’s part of doing business. On the tech side, we’ve decided to focus on Risk Assessments. We’re conducting two...
It’s official! We can say we’ve double checked our patch process. It’s quick and easy. We still have to double check our 3rd party apps. We’re hoping to start that process before the end of the month. Remember, patching is...
I finally downloaded, installed and tested Nessus Essentials. It worked out better than I expected. While it does have some limitations, it found vulnerabilities on our servers. It’s another tool for the tool box. This version is free.
What I thought were Automox issues turned out to be our issues. We go over the good and the bad. We’re a few steps closer to a good patch management process.
There’s only two of us here at Section 9. Deploying and using LastPass was relatively easy. What about using it in an enterprise environment with hundreds of workstations and laptops? That’s the real challenge. What features are we going to...
We’ve got a patch management process. It isn’t perfect, but it’s a start. That’s way better than some organizations. What’s next? Testing it on Patch Tuesday.
After migrating to smaller, cheaper servers on DigitalOcean, I realized we need a new management process. We need a checklist that says do these 10 or 15 things. We’re starting the conversation. We hope to have this figured out soon.
Time to start thinking about secure configurations. What is a secure configuration? What gets configured? How do you manage them? This is just the beginning!
We’ve got a HIPAA correction to make, BIND 9 changes, & a new help desk solution called Jitbit.
In this episode we talk about Patch Tuesday, an issue with Automox, & HIPAA compliance. We also have a bit of interesting news. We might have our first client. There’s a minor issue. They asked about HIPAA compliance. We’re not...
The city of Baltimore wasn’t patching. They got hacked. One million systems connected to the Internet are vulnerable to BlueKeep. Why haven’t these systems been patched? When will they be hacked? Not patching could lead to you or your...
The City of Baltimore was hit by ransomware. We go over some of the details, including an unpatched vulnerability from 2017.
I finally took a look at the Verizon Data Breach Report. If you haven’t read it, do it now. This report helps you understand how the hackers are getting in. You need to know how they get in if you...
With the help of Automox, we survived Patch Tuesday. We know all of our Windows systems are patched. This process wasn’t seamless. It required a few more mouse clicks than we expected. I’ll take a few more mouse clicks over...