Tag Archives: firewall

10 Surefire Ways to Lose Your Sysadmin Job

I just came across an article that I wanted to discuss. The article is titled “10 security mistakes that will get you fired” written by Roger A. Grimes. I have known too many sysadmins and IT security specialists that have committed at least one or more of these huge mistakes. I’ll cover the highlights here with a link below as well.

Mistake #1 Killing Business Functionality

Although network security is job one to an IT professional, it is not to the company you are working for. Closing down critical business information systems while trying to remediate an intrusion can land you in hot water with management. Just assume management will believe the loss of business systems will outweigh the cost of ridding the system of the bad guys.

51 Things You Need to Stop Doing Now

Written by: Christina Goggi

Here’s a list of 51 things you need to stop doing NOW. Parse this list, and if anything on it lines up with how things are done in your environment, stop it. Trust me on this. Each and every one of these things is bad, wrong, or even dangerous, and while it may seem like the simple thing to do right now, it is going to cost you much more in the long term.

1. Using default passwords

It takes 10 seconds to change the password on any device. Do it, or don’t be surprised when someone owns your access points, or your printers start to display “Insert Coins to Continue…”

2. Using password policies that are either too strong or too weak

Password length, complexity, and expiration requirements should strike a balance between security and functionality. A password that must be changed every 30 days is probably excessive, and will lead to admins ticking the box so their password never expires. Not requiring complexity makes it trivial to brute force or crack using simple dictionary methods. You should neither assume you won’t be a target, nor think you work for the NSA when setting the password policy for your users.

3. Forcing password patterns

Learning From Mistakes

The 43 Things Administrators Should Never Do

Administrators have a tough job on their hands to manage, maintain and protect the network they are responsible for. Armed with the latest tools, they do an excellent job; however, at times, often due to pressure, they make mistakes – sometimes easily avoidable. In this post we are going to present the top 43 common mistakes administrators have made, as a reminder of what they shouldn’t do.
They are categorized under networking, configuration, security, and best practices, and are based on firsthand experiences.
Here is the list:

Networking

1. Leave the trailing dot off a zone file in DNS
The first and most significant mistake a new BIND administrator can make is to forget to end each zone with the trailing dot, leaving their zone dangling in the breeze as clients try to append their own domain name, and fail.