If you’ve ever launched Wireshark only to encounter an error “the npf driver isn’t running” then you probably have encountered a botched install. Have heart, we can fix this without having to reinstall. Here’s how. Click to close the error, and then close Wireshark. Open an administrative cmd prompt. Run this command sc start npf […]
Author Archive | Ed Fisher
Just a really quick, short post prompted by the fact that I needed to know what version of PowerShell I was running, and drew a complete blank on how to tell that. It’s apparently quite simple. $Host.Version [enter] Original Post
Usernames and passwords are not enough to authenticate users in today’s threat-filled environment. Two factor authentication is something that needs to be on your radar now, for internal, external, and cloud-based applications.
alternate titles include -how to break cloud services -herding cats 101 Folks, I keep coming across a phenomenon from out of the late 90s that I really thought we, as an industry, left behind long ago, much like grunge music and Geocities. I have encountered it so many times in the past two weeks that […]
Are we sharing just a little too much information on the social web? Signs say yes.
TMG 2010 does a great job of securing your network, and can exercise very precise control of internal users’ access to the Internet when it comes to ports and protocols, file access, etc., but unfortunately it cannot do anything to control bandwidth consumption. Whether you call it traffic shaping, bandwidth restrictions, rate limiting, or speed […]
Q: How many sets of credentials are too many for one person to maintain on the network?
A: More than one.
The eleven laws of security provide great seed material for Information Security awareness programs, and can serve as a good refresher for admins too.
Here’s some common sense advice on how to implement your firewalls. These are some vendor’s best practices; these are words of wisdom from someone who’s been there, done that, and learned the hard way what works, and what doesn’t. It might make an auditor’s head spin; it might make paper-CISSP tsk-tsk, but it will also make your job a lot easier, and won’t violate any RFCs.
Push any app or service you want out to the cloud, but keep your security close and require your service providers to use one of the standards based methods to authenticate your users against your Active Directory.