I protect any account I have with two factor auth, at least the ones that support it (this site for example has 2FA for admin logon), it’s not that inconvenient (especially not with Authy/Duo) and greatly increases security of your critical accounts. Let’s start with the endgame: However, I haven’t protected my publicly accessible firewall […]
Scanning for network vulnerabilities using nmap
This article is a bit of a divergence for me, I recently had the need to scan an entire network for a particularly nasty Microsoft security vulnerability MS15-034. Obviously there are a few ways to check for this, the first is obvious, check what servers have IIS installed. However, this bug isn’t limited to IIS, […]