I’m going to start going over some Core Concepts, a lot of these I ask in interview questions. “What is PKI? How do you Encrypt, Decrypt, Sign and Verify Data?” The Answers I get are quite wrong or not quite right most of the time. PKI, Public Key Infrastructure Covered, read the wiki link, TLDR: it’s our ssl chaining system Continue reading What the heck is PKI, Public Keys, Private Keys, Infrastructure, Security, Sign this Encrypt that..what?!
So while at InteropITX, the use case was given that your employees should expect a consistent signature from co-workers to ensure phishing hasn’t been used to gather information from internal staff to coordinate an attack. HOWEVER, “Thanks, -Jake” is no cryptographically sane signature, and it’s not HARD to sign emails with your private key, —–BEGIN PGP SIGNED MESSAGE—– Hash: SHA512 Continue reading What is a real email signature.
A few weeks ago I had the honor of being a guest on a podcast! This is a first for me as the closest to speaking publicly have been at small, 20’sh tech meetups, not the same. I tell you what these guys are really good at their job, they did a ton of research, had great questions (many of Continue reading Datanauts Podcast Episode 081 – Secure Email Infrastructure
Today I had the privilege in speaking on one of my most passionate topics, email! What was even more fun, is it was with the Datanauts crew! So that’s exciting and will be dropping in a few short weeks. I also came across another google compression system, last week was geutzli, this week it’s brotli. while geutzli is all about Continue reading Quick update, Datanauts and Brotli?
tldr, I used nginx! So since I have my VPS on anycasted IPs and I use ansible to deploy, I wanted to make 3 all servers nearly the same, minus their specific ‘mgmt’ public IPs, so moving squid to a new IP I wanted to use the standard https port but could NOT figure out a way to get squid Continue reading Squid bind specific IP Address (workaround)
Step 1) Download Nartac for IIS Step 2) Run and select Best Practices (Disables SSLv2/SSLv3) Step 3) Reboot That’s it, if you want the long and hard way, follow this technet article. What does this tool do? It makes registry changes to your schannel which applies to all TLS channels, either HTTPS, SMTPS, or STARTTLS (others if you have them)