Looking for DNS Zones Transfers with Python
Back in the day - Windows 2000 era - we would block
TCP/53on the firewall, at the time this was because DNS queries were onUDP/53and TCP at the time was used for Zone Transfer.A zone transfer, is where you ask a DNS server to give you ...
Is your firewall Team from Venus?
Something a little different for my site; this post is a soft-skill article. In job listing, or development plans its really common for Technical roles to include a soft skills component and I had kinda assumed it was filler content, how hard is it to talk to people?! A couple ...
SecOps: Automated Download of Qualys Vulnerability Report Data
I'm finding the Qualys Cloud Platform an invaluable vulnerability management tool, a mass of near real-time data that shows the security posture/risk of the estate. The reporting systems is "ok" (not stunning) but what is lacklustre is automated-reporting-feature, basically you can schedule things to run, but the data ...
PowerShell: A simple script to GPG encrypt files
Recently I've needed to backup some sensitive files to online storage; my requirement was simple: work on local files and when they change encrypt. As I'm working on a windows machine that means powershell, I could schedule a task but I'm just manually running this as and ...
snmpwalk v3 and snmpget v3 examples
I always forget the syntax for snmpwalk/snmpget v3; so posting here to remember.
snmpwalk version 3
The command is:
snmpwalk -v3 -l authPriv -u snmp-poller -a SHA -A "PASSWORD1" -x AES -X "PASSWORD1" 10.10.60.50Example output:
[nick@server ~]$ snmpwalk -v3 -l authPriv -u snmp-poller -a SHA ...Monitor for Fake Certificates with Certificate Transparency
Certificate Transparency (CT), is an open, public, Certificate Authority monitoring system. More info available over at certificate-transparency.org.
The CT web site sights a couple of examples where CAs have failed, either through compromise or mistake, but recently Facebook caught fake certificates where there was no fault of the CA ...
SSH Server on Windows, the Microsoft Way
An SSH server for windows, it's the kind of thing only a Linux/OSX user would ask for. The current defacto standard is Cygwin but if you fancy something a bit more native, something a bit backed by Microsoft then take a look at PowerShell/Win32-OpenSSH on github.
Installation ...
Automated Let's Encrypt Certificates
Last month I was very pleased that I had managed an automated Let's Encrypt certificate renewal; the other night the renewal broke as the certificate was issued from a different intermediate CA, so help others out I thought I'd share with you my cron script.
Before copy/pasting ...
Cisco CCNP Security
