
The Irrational Security Monologue

Top Articles
  1. ASD Seeking Consultation for ISM
  2. ISM2016 May Release - The Good, the Bad and the Ugly
  3. ISM Controls Checklist Builder
  4. ISM2016 Draft Release
  5. Puff-Puff-Pass the Hash
  6. The bad ju-ju of X11
  7. The PSPF Update for INFOSEC 4
  8. Ionize IRAP Checklist Builder
  9. ISM2014 February Release
  10. The ISM Word Cloud

The ISM Word Cloud

Published: 2015-03-12, Views 743

After a 'discussion' involving brewed liquids with some colleagues over my ISM project, there was a suggestion I should make a word-cloud; since everybody is on the word-cloud bandwagon these days, I couldn't see a reason not to....


Puff-Puff-Pass the Hash

Published: 2015-02-13, Views 799

So you have over a thousand servers in your fleet, how do you make sure your passwords are secure for each of them? An even scarier thought is, what if a malicious actor doesn't even need your password to move horizontally within your environment? A malicious actor may have access to one of your low-value assets and without knowing your passwords, authenticate to higher-value assets - Game over....


Brace Yourselves; ISM2015 is Coming

Published: 2015-02-05, Views 579

One does not simply contact ASD; but when an envoy of one of the seven Great Houses of Defense contacts you, humble words of surprise are invoked, mainly because a lion doesn't concern itself with the opinion of sheep....


The bad ju-ju of X11

Published: 2015-01-26, Views 785

Stop me if you've heard this one before, X11Forwarding is bad, because the ISM doesn't tell us so.

Let me start by giving some context around this problem: you have a Piece Of Software that you need to run on your Linux Server somewhere in your environment, that's cool. However, this 'PoS' requires a GUI for it to be used/managed and you need to be able to administer this machine remotely; that's bad if you intend to do this via X11 Forwarding over SSH, and I'll explain why....


Control Visualisation Shenanigans

Published: 2015-01-06, Views 603

So I was off doing family and friends things over the break, and I thought it would also be a good idea for me to have a stab at a visual representation of the ISM I've been wanting to do for a while. Also, since it has been a bit quiet for me on the ISM front for a while (and I've heard squat from ASD about ISM2015 yet), I decided to sate my own appetite and provide some visual representation....
