Bob Young
IT/OT Network Training, Consulting, Cybersecurity | “IT by the hour” for small business and SOHO | Data and account recovery when a loved one dies | Cybersecurity - Networks - Wireless – Telecom – VoIP | Nationwide
When you’re new to the field, a lot of information systems look secure and stable. But after you’ve been responsible for recovering from a few massive outages, you start to consider the ramifications of resource centralization.

#callmeifyouneedme #fifonetworks #cybersecurity #networkarchitecture
Hrishikesh S.
Assistant Manager | Master of Science in Cybersecurity
1d
Great insights, Bob Young! Resource centralization does come with significant risks that only become apparent with experience. It's crucial to balance efficiency with resilience in network architecture. Thanks for sharing this valuable perspective!
-
Bob Young
If you use Windows, here’s an interesting little command to run:

[For the local Documents folder]:
dir c:\"New Folder" /s > %userprofile%\Documents\NewFolderList.txt

[For the OneDrive Documents folder]:
dir c:\"New Folder" /s > %userprofile%\OneDrive\Documents\NewFolderList.txt

There were only two New Folders on my computer, but one of them was created in 2009 and has been carried forward to every new computer I’ve had since then! When I ran this on my elderly mother’s computer several years ago, I found a couple of dozen New Folders scattered everywhere.

Before you delete them, be careful – you may find that files were saved to the folder. The better choice may be to rename it.

Command explanation:
dir – Search and do a directory listing
c:\ – Start at the root of drive C
“New Folder” – must be in quotes because it contains a space
/s – Search all subfolders (Don’t stop at c:\)
> – Redirect the output to a file instead of to the screen
%userprofile%\Documents\NewFolderList.txt – Path and filename for the results file

#callmeifyouneedme #fifonetworks
-
Bob Young
Listen, this is probably going to come as a shock, but I don't have to reply at all if I'm not interested. (This applies to LI DMs, too, not just email).

#email #spam
-
Bob Young
Are you running a Veteran Owned Small Business? You might want to get official certification of your status from the Small Business Administration. For years I’ve been using “Self-Certified” as my status, but late last year one of my major clients announced a deadline for getting certified. They’ll stop accepting “Self-Certified” for VOSB status before the end of this year. Some of the certification options cost hundreds or thousands of dollars, but you can get certified through the SBA for free.

As of today, my business is certified! I’m now ready for my major client’s deadline!

HOW TO DO IT

The first step is to get registered with the US Government’s System for Awards Management, SAM. This enables you to bid on US Government contracts. It’s free, but it’s time consuming. It’s about as much fun as filling out tax forms. I first got listed with SAM years ago, because it was required to work on anything for the Veteran’s Administration.

Then, once you’re listed in the SAM database, you can go to the SBA website for Veteran Owned Small Businesses and go through their process. They’ll use your SAM registration as part of the verification process, to prove you’re the actual business owner.

WHY YOU SHOULD DO IT

In order to work on many government projects – city and state, too, not just federal – you have to compete against other businesses. You’ll be submitting bids, and responding to RFPs (Request for Proposals) and RFQs (Request for Qualifications). Then the government agency that issued the bid request/RFP/RFQ will evaluate the responses using some sort of scoring matrix. You get extra points for being in certain categories: veteran owned, disabled veteran, woman owned, minority owned, and so on. This type of SBA certification can give you a boost, or level the playing field if you’re competing against other businesses who have these certifications already.

#callmeifyouneedme #fifonetworks #entrepreneurship #smallbusiness
-
Bob Young
You know that password manager program you use, the one with the single master password? It’s risky to leave that thing “unlocked” all the time.

Convenient, yes, but less secure.

Depending on your level of paranoia, you may want to close that puppy after every use.

(Incidentally, when I do data and account recovery for people when a loved one dies, I’m always glad when the deceased person used a browser-based password manager, because then it is so freaking easy to get to so many things).

(One more parenthetical remark, for those who want to chime in about passwordless authentication: you know as well as I do that you can’t use passwordless authentication everywhere, so don’t bother looking silly. Password managers are still an important tool).

#callmeifyouneedme #fifonetworks #cybersecurity #authentication
-
Bob Young
“We’re looking for someone to do penetration testing.” The inquiry came from a PUD (Public Utilities District) via the “Contact Us” page on the FIFO Networks website. I called and talked them into not hiring me.

I told the contact person, “I’m the one you hire before you hire a pen tester, to get the network ready.”

Real penetration testing – not just running some pre-packaged programs – involves coding skills, which I don’t have. I’m the infrastructure and policy guy.

This is an ethical issue. Don’t take a gig you’re not really qualified for.

THE LESSON

If you’re starting your own business, you need cash flow desperately, and you may be tempted to say yes to every job that comes along. Resist that urge. Your business will grow better, stronger – and faster – by doing jobs you can succeed at. Know where you’re great, and make referrals for the rest. Remember, the people you refer to others will later likely refer you. Build your network on strong relationships and build your business on successful projects.

UPDATE: There are requirements for doing cybersecurity work for public utilities in the USA. All first-round eligible companies/persons were notified. There’s no point in telling me you’re interested.

#callmeifyouneedme #fifonetworks #cybersecurity #entrepreneurship #pentesting
-
Bob Young
If you use Square credit card processing, beware of fake emails being sent right now.

Cybercriminals are actively using a fake domain to send emails. The malicious emails are from:
squareup(dot)net

The real Square domain is:
squareup(dot)com

I received the email shown in the screenshot on July 30. All links in the email are disguised with a link shortener. Don’t click! Mark the email as spam/phishing/junk and delete.

Interesting sidenote: I get my work emails in Outlook, but also via Gmail. Gmail flagged the message, but Microsoft Outlook let it right on through.

#callmeifyouneedme #fifonetworks #cybersecurity #phishing #email
-
Bob Young
True problem analysts do not like default solutions. Every solution to every problem needs to be independently derived. Underlying principles stand firm, but the methodologies and solutions are always in flux.

“Bob, what are you talking about?”

Well, here’s an example. A default solution to a wide array of problems today is, “We’ll spin up another VM in our cloud account.”

Stop. Analyze. Is the data appropriate for an Internet-accessible environment? What are the security requirements? Is that VM going to generate revenue, or save money, or… is it just an expense? Will the data be backed up? Will the environment be backed up? How does that affect the cost analysis?

Yesterday’s solution isn’t necessarily today’s solution. Work it out, each time, as a new problem – because it is.

#callmeifyouneedme #fifonetworks #cybersecurity #networkarchitecture #systems #budget
-
Bob Young
It was like playing Whac-A-Mole. Saturday evening I was doing month-end maintenance for one of my clients, and a firewall alert came up for a denied VPN connection. I glanced at it, and it was for “Eric.” But there’s no one in the VPN group named Eric! I checked the source IP address, and it was registered through RIPE NCC, which is the Regional Internet Registry for Europe, Middle East, and Central Asia.

This particular client has no regular business dealings with anyone outside the USA, so I blocked the whole Class A address range. I went back to work, and about ten minutes later… “Eric” pops up again, from a different IP address, also registered through RIPE. I blocked that whole Class A range, too.

A few minutes later… yup. But this time, it’s a different name, so I don’t know if it’s the same person or not. Again, the address is registered through RIPE, so I blocked the whole Class A range.

And, a few minutes more… another attempted VPN login was blocked. A different name was used, and a different IP address. This time, it was from a Class B address range registered in the USA to Alibaba. I blocked that whole range, too. If my client buys stuff from Alibaba, I may hear about this one in a few days. If that’s the case, I’ll open the range and block the single IP address used by the attacker.

Things settled down after that. This client sometimes goes months without a VPN attempt in the logfile.

THE LESSONS

(Q) “If the firewall blocked the failed login attempt, why block the IP addresses? After all, the attack was thwarted anyway.”
(A) Because it’s never just one attempt. The cybercriminal will keep trying various combinations.

(Q) “Why block an address range, instead of just blocking the attacker’s IP address?”
(A) Because the attacker may have access to multiple endpoints from which to launch the attack, and those endpoints may have certain commonalities, like all being with the same ISP.

(Q) "Why not just block entire countries and be done with it?"
(A) For some clients, I do exactly that. It depends on the client’s security needs. Some of the Internet resources people want aren’t located in their country, so blocking entire countries or continents may be viewed as inconvenient.

#callmeifyouneedme #fifonetworks #cybersecurity #firewall #vpn #iam
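Added example, not part of the original post: a Python sketch of the triage described in the post above, grouping denied VPN logins by the classful (Class A/B/C) network of their source so that repeated attempts from different addresses in one range stand out. The log format, the timestamps, the user names other than "eric" and the addresses are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample lines in a hypothetical log format (not from the post).
# Sources are RFC 1918 private addresses picked to fall in Class A and Class B.
SAMPLE_LOG = """\
2024-01-06T19:02:11 vpn-auth DENY user=eric src=10.20.30.40
2024-01-06T19:12:45 vpn-auth DENY user=eric src=10.99.1.7
2024-01-06T19:18:02 vpn-auth DENY user=anna src=172.16.8.15
2024-01-06T19:25:30 vpn-auth ALLOW user=pat src=192.168.1.20
2024-01-06T19:31:09 vpn-auth DENY user=mike src=172.16.200.3
2024-01-06T19:40:00 vpn-auth DENY user=mike src=not-an-ip
"""

DENY_RE = re.compile(r"vpn-auth DENY user=(\S+) src=(\S+)")


def classful_network(ip):
    """Return the classful network (Class A /8, B /16, C /24) containing ip."""
    addr = ipaddress.IPv4Address(ip)
    first_octet = int(addr) >> 24
    if first_octet < 128:
        prefix = 8
    elif first_octet < 192:
        prefix = 16
    elif first_octet < 224:
        prefix = 24
    else:
        raise ValueError(f"{ip} is Class D/E and has no classful network")
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def summarize_denied(log_text):
    """Group denied VPN logins by the classful network of their source."""
    summary = defaultdict(lambda: {"attempts": 0, "users": set(), "sources": set()})
    for line in log_text.splitlines():
        match = DENY_RE.search(line)
        if not match:
            continue
        user, src = match.groups()
        try:
            net = str(classful_network(src))
        except ValueError:  # malformed or Class D/E source: skip the line
            continue
        summary[net]["attempts"] += 1
        summary[net]["users"].add(user)
        summary[net]["sources"].add(src)
    return dict(summary)


def ranges_with_multiple_sources(log_text, min_sources=2):
    """Networks where denied attempts came from several distinct addresses."""
    summary = summarize_denied(log_text)
    return sorted(n for n, s in summary.items() if len(s["sources"]) >= min_sources)
```

Registries allocate address space in CIDR blocks, so a whois lookup on a source address returns the range actually assigned to the provider, which can be used in place of the classful prefix computed here.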
-
Bob Young
Yesterday at the weekly Rotary lunch one of the other members asked me about the CrowdStrike incident. I realized that he thought it was caused by cybercriminals, so I said, “It wasn’t caused by a virus.” His eyes opened wide and he asked what happened, so I explained that it was a piece of badly written code that was part of an update issued by CrowdStrike. He correctly concluded, “So they didn’t even test it before it went out.” I nodded and he said, “I hope they learned a lesson.”

The reason this conversation is noteworthy is because this affluent, well-educated man still didn’t understand what happened after a week of reporting in the news.

I see two issues that need to be addressed:
1) Journalists need to have a better grasp of cybersecurity incidents so they can provide better quality information, and
2) The general public needs more training in both information technology and cybersecurity awareness.

#callmeifyouneedme #fifonetworks #cybersecurity #informationtechnology