Archive for the ‘security’ Category
CohesiveFT video overview
For those of you wondering what I do in my day job:
Filed under: cloud, CohesiveFT, security | Leave a Comment
Tags: cloud, networking, security
Authorization
In which I examine why XACML has failed to live up to my expectations, even if it isn’t dead, which has been the topic of a massive blogosphere battle in recent weeks. Some background I was working with the IT R&D team at Credit Suisse when we provided seed funding[1] for Securent, which was one […]
Filed under: identity, security | Leave a Comment
Tags: access control, ACL, authorisation, authorization, coarse grained, entitlements, fine grained, ldap, ldif, REST, Securent, service, SOA, SOAP, xacml
A lack of discretion
There’s been a lot of Monday morning quarterbacking over last week’s shutdown of Boston during the pursuit of terror suspects. I have my own opinions about what went on, but don’t feel this is the time or place to get into that. The point of this post is to examine whether if many (or even […]
Filed under: security, wibble | 2 Comments
Tags: bomb, common sense, discretion, Navy, terror, transformer
In part 1 I went through setting up an SSH tunnel, and waking up machines on the home network. In this part I’ll run through how to use various protocols and clients to connect to machines on the home network. SSH tunnels on PuTTY SSH lets you tunnel many other protocols through it (using a […]
Filed under: howto, Raspberry Pi, security | Leave a Comment
Tags: howto, http, Putty, Raspberry Pi, Raspi, RDP, remote access, router, RPi, SOCKS, SSH, tunnel, VNC, vpn, wakeonlan
In this post I’m going to cover setting up a network tunnel and waking up other computers on the home network. Why use a Raspberry Pi? A tunnel needs two ends, so at home this means leaving at least one machine switched on – keeping the electricity meter turning. One of the great things about […]
Filed under: howto, Raspberry Pi, security | 9 Comments
Tags: howto, Putty, Raspberry Pi, Raspi, remote access, router, RPi, SSH, tunnel, vpn, wakeonlan
Password dump checking
Leaks of (badly secured) password files seem to be big news at the moment. In many cases people set up sites to allow you to see if your password was in the leak – but who knows whether these sites are trustworthy. That’s not a risk I’m happy to take. Python provides a reasonably simple […]
Filed under: howto, security | 2 Comments
Tags: check, checker, leak, password, python, SHA1
Bolting in security
This is a long overdue reply to Chris Hoff’s (@Beaker) ‘Building/Bolting Security In/On – A Pox On the Audit Paradox!‘, which was his response to my ‘Building security in – the audit paradox‘. Hopefully the ding dong between Chris and I will continue, as it’s making me think harder, and hence it’s sharpening up my […]
Filed under: cloud, security | Leave a Comment
Tags: @beaker, audit, bolt, bolt on, build in, Chris Hoff, cloud, control, Forecast, iaas, in, ODCA, paas, security
Firstly let me say that I like Linode a lot. They had a promotion running a little while ago which got me going with my first virtual private server (VPS), and I only moved off to somewhere from lowendbox after the promotion because my needs are small (and I wanted to match my spend accordingly)[1]. […]
Filed under: security | 4 Comments
Tags: admin, Bitcoin, console, iaas, Linode, management, password, security, SSH, VM, VPS
My friend Randy Bias very kindly came in and did a web conference presentation at work this week on his views of cloud computing (which are well summarised in a post he did at the end of last year). Inevitably the topic of security came up, and Randy, drawing on his past experience in the […]
Filed under: architecture, cloud, security, software | 6 Comments
Tags: audit, bolt on, build in, cloud, compliance, firewall, gateway, iaas, paas, schema, security, validation, xml
Chris Swan's Weblog 