Comparison of local network scanning tools

Comparison of local network scanning tools
 
When I worked in several state organizations kovychkadavom, vegetable pentester, severe bearded uncles in sweaters taught me to use only Nmap to scan the network. Having changed his place of work, Dobby became free of prejudice and decided to choose a scanner himself based on pseudo-objective data comparing real functionality of popular scanners that he could find on the network himself, or by asking his colleagues what their favorite scanner was. Actually, the results of the internal of the hollywar comparison of network scanners and decided to write an article. Objectivity is not ...
+ 0 -

Use of multifactor authentication in Citrix based on Aladdin RD solutions - webinar

In one of our past articles we showed how to implement two-factor authentication in a simple (local) script via the StoreFront.
 
 
It looked like this:
 
 
Use of multifactor authentication in Citrix based on Aladdin RD solutions - webinar
 
 
The user with the JaCarta electronic key connects, the system asks for the smart card and the public key on it, the user enters the PIN code. The card is unlocked, to check the user the service asks to sign a ChallengeResponse certificate, which is stored on the card. After validating the credentials, the user is granted access or denied service.
 
 
Recently we together with colleagues from Citrix and the training center "Zvezdy and S" conducted ...
+ 0 -

Useful features VPN

I did not want to write an article about tuning vpn, because they are without me on the Internet thousands - choose the taste and color.
 
 
I just wanted to recall just a few simple things that cause a lot of misunderstanding and questions. I understand that the article does not pull, but I really want to get through to you, but there are no other ways in RuNet.
 
 

1. VPN client can be installed on almost any access point


 
Even at the old point there is often a possibility to update or deliver the desired package. For example, for my old Zyxel Keenetic Ultra there was an unofficial update ...[/h]
+ 0 -

As today, the center for operational management of information security (SOC-center)

As today, the center for operational management of information security (SOC-center)is being built.In large companies, there are people who only deal with the fact that they control the state of information security and wait for the problems to begin. It's not about the guards in front of the monitors, but about the dedicated people (at least one in the shift) in the information security department.     Most of the time the operator of the SOC-center works with SIEMs. SIEM-systems collect data from various sources throughout the network and, together with other solutions, compare events and assess the threat-individually for each user and service, and in general for groups of users and nodes ...
+ 0 -

How to upload a non-standard log into Splink + logs Fortinet

Do we generate a lot of data using information systems every day? Great amount! But do we know all the possibilities for working with such data? Definitely not! In the framework of this article, we will describe what types of data we can load for further operational analysis in Splunk, and also show how to connect the download of Fortinet logs and non-standard log files that need to be divided into fields manually.
 
 
How to upload a non-standard log into Splink + logs Fortinet
 

 
Splunk can index data from various sources that can store logs locally on one machine with Splunk-indexer, or on a remote device. To collect data from remote machines, they are assigned ...
+ 0 -

SOC for intermediate. We are sorting out what we are protecting, or how to make an inventory of the

SOC for intermediate. We are sorting out what we are protecting, or how to make an inventory of theinfrastructure.And again, hello. The cycle "SOC for " continues its movement and development. We have already covered the first layer of the internal kitchen of the monitoring and incident response centers in previous articles, so let's try to go a little deeper into technical details and more subtle problems.  We have already several times indirectly touched on the topic of asset management: and in article about the security control , and in issues of automation and artificial intelligence in SOC . Obviously, without monitoring the infrastructure of the customer, the monitoring center will not ...
+ 0 -

Installation of IP-PBX 3CX in the cloud Microsoft Azure

Installation of IP-PBX 3CX in the cloud Microsoft AzureThis week we fulfilled another long-standing request of our users - added to the list of supported cloud platforms Microsoft Azure! Now you can add to your Azure services and the 3CX business telephony system in a couple of minutes. This will be especially convenient for organizations that already deploy their resources to Azure. Technical specialists will be able to use their experience with Azure, without the need to develop new platforms.
 
 
As you know, 3CX - it's not a classic cloud, and so-called. cloud-ready automatic telephone exchange. The main advantage of this approach is that you do ...
+ 0 -

UL 3223: the new standard of certification of data center

UL 3223: the new standard of certification of data centeris presented.The company for certification in the field of safety engineering Underwriters Laboratories (UL) presented a new standard for assessing the reliability of data centers - UL 3223. It describes the criteria that will allow owners of data centers to reduce the risk of failures in the work of the enterprise. More details about the standard - we will tell you further.     /photo Christina Xu CC   UL 3223 is directed to to ensure the reliability and security of the data center and contains parameters for assessing key components of the company's IT infrastructure. Developers ...
+ 0 -

Effective use of spot-instances AWS

Effective use of spot-instances AWS
 
Spot-instances - is essentially the sale of free at the moment resources with an excellent discount. At the same time, the instance can be turned off and taken back at any time. In the article, I will talk about the features and practices of working with this proposal from AWS.
https://github.com/opszero/seespot ). In short, the daemon looks at both /spot /termination-time and, optionally, in the healthcheck url of your service. Once AWS is ready to remove the instance, it is marked as OutOfService in ELB and can optionally perform the final CleanUP task.
 
So, we figured out how to handle the shutdown ...
+ 0 -

IT Asset Management: How Myths Affect Projects (Part 2)

IT Asset Management: How Myths Affect Projects (Part 2)When implementing ITAM solutions, you often have to deal with different myths. For the project to be successful, it is important to understand the nature of these false representations of the client, remove all open questions, get rid of unnecessary misconceptions or make sure that this is not a myth.
 
 
In the previous article I have considered several questions-myths:
 
 
on the guarantee of up-to-date information on IT assets due to automatic inventory;
 
optional communication with the ITSM-system;
 
on the absence of the influence of IT asset management on the Catalog of Services, etc.
 
 
Today I ...
+ 0 -