Tag Archives: security

Sonicwall NSA 2400 Review

Upgrading from a Sonicwall Pro 2040 Enhanced I recently had the opportunity to use the new Sonicwall NSA 2400. The Sonicwall name has been around for a while, known for making low-to-mid level network firewalls with available security service options. In the past I had used a Sonicwall Pro 2040 with the enhanced firmware – providing IDS/IPS, gateway antivirus, gateway antispyware and content filtering in addition to the firewall function. This new Sonicwall NSA 2400 was going to replace the Pro in a production environment.…


Read MOre »

MASS CMR 201 17.00

New Regulations for Protection of Massachusetts Residents’ Personal Information Code of Massachusetts 201 17.00 deals with the protection of personally identifying information. These guidelines were enacted as law, and deal with information security standards and notification of security breaches. The laws apply to businesses that “own, license, store or maintain personal information about a resident of the Commonwealth of Massachusetts “. Massachusetts is not the first state to enact such laws, but rather has followed along with the new trend- creating regulations based around information…

Read MOre »

Sniffer Cable Pinout

The sniffer cable is needed to connect a sniffer to an ethernet┬áhub, but not transmit any data that may reveal the sniffer’s existence. This cable will return an inverted version of anything sent to the interface. The pinout for this cable is from the book Windows Forensics, by Chad Steel (ISBN 0-470-03862-4), but can also be found at dgonzalez.net, along with other useful pinouts for receive-only cables. Orange White TD+ (pin 1) Orange TD- (pin 2) Green White RD+ (pin 3) Green RD- (pin 6)…

Read MOre »

Comp-Tia’s Security+ Certification Exam Notes

Comp-Tia’s Security+ Exam Exam Number SY0-101 Number of Questions 100 Time Allotted 90 Minutes Passing Score 764/900 Exam Objectives: Available at the CompTia Site Access Control Models MAC Mandatory Access Control – An Administrator createds a predefined set of permissions and assigns them to users and objects (labels) DAC Discretionary Acess Control – The resource owner established who or what has rights to an object (ACL) RBAC Role Based Access Control – Rights are assigned per user role, roles are ususaly based on organizational structure.…

Read MOre »

Vertical TeleVantage Password Security

Easy to guess passwords are the Achilles heel of all phone systems. Vertical TeleVantage combats this by offering the administrator the ability to enforce the use of strong passwords for system users. Other options, such as lockout and password expiration make the job of guessing a password much harder. Requiring Password Complexity Options for strong passwords include minimum password length, prevent passwords that contain the account’s extension, and a list item entitled ‘Prevent passwords from the following list’. This final option includes a long group…

Read MOre »