Author: lgrant@nevacross.com

  • Planning for Post-Ransomware

    Planning for Post-Ransomware

    I have a biker friend who tells me that there are two kinds of bikers: those who have dumped their bike, and those who haven’t dumped their bike yet. It is beginning to look like the same concept applies to companies and ransomware. Every week we hear about another company whose operations have been paralyzed…

  • Welcome to the new Trying To Keep It Secure

    Welcome to our new site. The content has not changed; just the presentation. The old site was a Joomla site, and the Joomla software was getting long in the tooth. Although I love almost everything about my web host, they are really geared toward WordPress, and getting Joomla and its prerequisites up to date proved…

  • Endace DAG Packet Capture Cards: Part 2

    Endace DAG Packet Capture Cards: Part 2

    In Part 1, we covered an overview of the Endace DAG packet capture cards. In this post, we will look at a simple example of using some of their features. Working with the Endace DAG cards sometimes reminds me of coding in assembly language: since you are at a low level, you can optimize the…

  • Cybersecurity Style Guide

    Cybersecurity Style Guide

    Here is a nice style guide for writing about cybersecurity, courtesy of Bishop Fox: Bishop Fox Cybersecurity Style Guide I’ve always liked style guides, because I don’t have to spend time pondering whether “website” or “web site” is the correct spelling, and that sort of thing. An additional benefit of this style guide is that…

  • Ethernet Network TAPs

    Ethernet Network TAPs

    In an earlier article, I talked about using Ethernet network TAPs to create one-way network links. Today I would like to talk about using them for their intended purpose. First, a word about the spelling. “TAP” is capitalized, because it is said to stand for “Test Access Point”, but it could just refer to the concept…

  • Endace DAG Packet Capture Cards: Part 1

    Endace DAG Packet Capture Cards: Part 1

    If you ever need to do high-bandwidth packet capture, you should know about FPGA packet-capture cards. An FPGA, or Field Programmable Gate Array, is an integrated circuit made up of a large number of logic gates that can be reprogrammed electronically. It has many of the advantages of an ASIC, or Application-Specific Integrated Circuit, without…

  • Wired security

    Wired security

    I have mentioned before that using Ethernet cables instead of Wi-Fi can make your network more secure. However, there are still some things to consider to make sure you do not accidentally undo the benefits of a wired network. Consider live, publicly-accessible RJ-45 jacks. If the public is supposed to access them, like in a…

  • One-way network links for small businesses: Part 3

    One-way network links for small businesses: Part 3

    In Part 2, we covered receiving the signals we transmitted in Part 1. In some cases, this may be more complexity than you need. Let us look at some simpler cases. Consider this case from security company Darktrace, described in this article: A casino had a large fish tank, with automated sensors to monitor water…

  • Defending the domain

    Defending the domain

    If you run a website, your most precious commodity is your domain name registration. Consider this: So what should you do to protect your domain registration? Of course, you still have to protect your DNS provider account, and your website itself, but if your domain name is secured, it is much easier to recover from…

  • Balancing bathroom safety and employee privacy

    Balancing bathroom safety and employee privacy

    One place I worked had an interesting physical security problem. In their rented office space, the bathrooms were attached to the public elevator lobby, outside the secure area. To make the women’s bathrooms a little safer, particularly after hours, they put a digital combination lock on the doors. For the first few weeks after they…