Index ¦ Archives ¦ Atom > Tag: Defence in Depth

Are outbound firewalls worthwhile?

I was recently setting up a server on Microsoft's Azure platform from work and by default Azure pick I high port number1 and NAT it to port 3389 for RDP. I must have spent a good hour trying to work out why I couldn't connect to the server when …


ASD's Essential Eight

I've long been a fan of the advice from the Australian Signals Directorate (ASD) [previously the Defence Signals Directorate (DSD)]. Not too long ago they changed their "Top 4" to their "Essential Eight".

What I like about ASD's advice is that it's easy to read, in comparison ISO 27001:2013 …


Designing for Failure

I recently purchased my grandfather's house which he built himself in the mid 1950s. My fiancé and I were painting the house and we came across a pipe sticking out of the wall just above the rain water tank.

Pipe above rain water tank

Looking inside the roof we discoved that this pipe came from …


Is patching still the best defence

One of the nice things about the ASD's Strategies to mitigate Targed Cyber Intrusoions is that they rank them by effectiveness. Saying that their top four would prevent 85% of intrusions.

Their top four are:

  1. Application Whitelisting.
  2. Patching Applications.
  3. Patching Operating System Vulnerabilities.
  4. Restrict Administrative privileges.

Patching is two out …


Automatic Updates for Debian

Good security is about defence in depth, layers of security. There is no one thing that will make you secure but one of the easiest things to do that gets you the best bang for your buck is patching your software.

On windows this is called Automatic Updates, in Debian …

Creative Commons License
Content on this site is licensed under a Creative Commons Attribution 4.0 International License.
Built using Pelican. Based on a theme by Giulio Fidente on github.