Category: Uncategorized

Firewalls

What is a Firewall?

Firewalls are key pieces of network architecture designed to filter data and prevent attacks. Firewalls guard the entry point of a computer, also called a port. A Firewall is like a bouncer. It only lets trusted people, aka IPs, domains, etc, into the club, aka the computer. Internal firewalls guard different sections of this metaphorical club, making sure only certain people go backstage, upstairs, etc. Firewalls come in different varieties, hardware, and software. The most common type of firewall is a packet-filtering firewall. This type of firewall checks the packet’s source and destination and makes a decision as to whether it should be let through.

History

What is a Web Application Firewall and How Does it Protect Your WordPress Site? | Elegant Themes Blog

The first firewalls were developed in 1980 by the companies Cisco and DEC. They were called “Network Layer” and were very basic and easily bypassable. In the 1990s, a new generation of firewalls was invented. “Application Layer” firewalls were harder to set up, but they were more thorough and were better at filtering data. The firewalls we have today are a hybrid of these two types.

Security Risks

1. Outdated Software

Firewall providers often update their firewalls to combat new exploits and fix issues. By patching vulnerabilities the firewall can become more resilient against attacks. Advanced software from 2018 might not hold up in today’s world. If you aren’t proactive about updating your firewall, you may run the risk of a damaging breach or a DDoS.

2. Internal Attacks

Firewalls cannot detect insider threats because firewalls focus on filtering external data, and cannot detect anything that has passed into the network. If a turncoat, mole, or careless employee allows data to bypass a firewall, then the network can be destroyed from the inside without ever touching a firewall.

insider threat

3. Basic Inspection Protocols

If firewalls are set up quickly, they may only look at the sender and receiver of a packet, rather than the packet itself. Hackers can “spoof” network firewalls and make it seem like a packet is coming from somewhere it isn’t.

Proposed Solutions

Many of these problems can be fixed with proper protocol and maintenance. Basic maintenance can fix outdated software. A dedicated IT team or one passionate user can keep a firewall up to date. Newer firewall systems, called “next-gen” firewalls test the content of a packet by using layer 7 deep packet inspection. Insider attacks are the trickiest of the three. There are some basic practices you can use to mitigate insider threats.

1. Perform Risk Assessments

Find what your riskiest assets are, their vulnerabilities, what the consequences of a breach would be, and then prioritize enhancing your security. It can be good to make a table out of your data. Here is an example:

2. Establish Physical Security

A good way to stop someone from getting inside your network and keeping them out of the physical spaces. A security team, cameras, or even just locks on server room dorms will keep unwanted agents away. Making sure to check people for unauthorized devices before going into a room with important IT devices can be a good step towards safety. All of this will, at least, help maintain a good security theater. Every day the TSA finds 11 guns in carry-on bags. The TSA spends 8.6 billion per year. That means it costs about 2,141,967 just to stop a single person from bringing a gun on a plane. So why does the US government continue paying for this security? Because it prevents countless people from trying to bring a gun on a plane. The idea of a security team can be scarier than the team itself.

35,956 Security Guard Stock Photos, Pictures & Royalty-Free Images - iStock

3. Software

Certain products, such as Firewall Analyzer or Ekran System can be a good way to prevent an insider attack. These solutions can monitor and flag suspicious activity. These systems can record video conferences, monitor VPN usage, searches, and can detect USB devices. It’s very hard to stop an insider attack, because the user may have complete access to your systems, but with the correct software, you can be alerted before the attack ever happens, and prepare damage control, fire the perpetrator and protect your assets.

Searching

Conclusion:

In conclusion. Firewalls are great protection against outside threats like DDoS and XSS attacks. Many of their shortcomings can be mitigated by proper maintenance and usage. What they have in external security they lack in internal protection. Insider attacks can bypass firewalls but can be properly dealt with via software and proper regulation. Physical security and risk assessments can help against insider attacks. With new innovations in tech happening every day, hackers getting stronger, companies creating updating security technology, firewalls are here to stay, for now.

Sources:

https://www.checkpoint.com/cyber-hub/network-security/what-is-firewall/

https://www.forcepoint.com/cyber-edu/firewall

https://www.britannica.com/technology/firewall

Insider Threat

https://www.trustnetinc.com/firewall-vulnerabilities/

https://www.netwrix.com/Insider_Threat_Prevention_Best_Practices.html

https://www.netwrix.com/information_security_risk_assessment_checklist.html

https://www.ekransystem.com/en/solutions/preventing-insider-threat

AppleTalk

Every computer has an IP address and connects to a router to communicate. That’s how it’s always been, right? Turns out Apple once had a radical idea of connecting Local Area Networks without a router.

AppleTalk

AppleTalk automatically assigns addresses, namespace, and configured inter-network communication without the need to set up a router or do anything else prior. AppleTalk was invented in 1983 under the name AppleBus. During this time, Apple wanted to create a way to connect devices together efficiently using the new SCC chip. They wanted to make a user-installable, zero setup, plug-and-play network. AppleBus was announced in 1984. Before its 1985 release, AppleBus was renamed AppleTalk. Due to its lower speed of 230 Kbit/s, Apple was able to sell AppleTalk for a fraction of its competitors, and AppleTalk was marketed as a “Personal Network”. The main advantage of AppleTalk was that it was maintenance-free. All you had to do was plug in an adapter. As AppleTalk expanded, they added support for integrating into existing ethernets systems. In 1989 the revamped AppleTalk in an attempt to make it more generic. The revamp also allowed for AppleTalk to connect to a wider variety of devices. AppleTalk became a legacy system in 2001 and was discontinued in 2009. As of 2020, AppleTalk has been completely removed from legacy support.

Binary Noises

Binary is the language of computers. Everything that you can put on a computer is represented in binary. From images to songs and much more. Binary is a base 2 counting system. Computers have 2 base values, powered and unpowered, so they can only count in base 2. Each digit in binary has a value of 2^(digit-1). The first digit when displaying 1 is worth 1. But the next digit is worth 2, so now we can make 3 by combining them like this: 11. This gets more complicated because as we add more digits the possible numbers multiply exponentially. so the third digit is worth 4, so now we can make 4: 100, 5: 101, 6: 110, and 7: 111. These numbers allow computers to store values as a series of on and off switches. But how do computers display characters? Each of the 255 characters typable on a keyboard is assigned to a value, pretty simple, but what about images. Images, at their simplest, are stored as numbers as well. long strands of numbers represent colored and uncolored pixels. 0,10,5,2 would display 0 white pixels followed by 10 black pixels, then 5 white and 2 black. It gets more complicated as we add more colors and tones, but that is the basic principle.

Audio:

But how do you represent audio? You can just store every possible sound and assign each one to a number, and even if you did it would take gigabytes to send 1 second of audio. But the trick is in the audio itself.

We hear sound waves. Everything our ears can process is represented by a wave that looks like this:

The wave moves up and down over time as the sound changes and evolves, using this graph which we can detect with microphones, we can plot points on the graph represented in binary like this:

The sampled sound wave doesn’t capture anything that happens between the points, so it loses finner details of the audio. Hertz represents the number of samples per second. Most audio is sampled from 44-48k hertz, meaning they plot that many points on the graph per second.

Sources and Images:

https://www.bbc.co.uk/bitesize/guides/zpfdwmn/revision/3

Guide: Dry Brushing

In this guide, I will be explaining the advantages of dry brushing and how to use it. Dry brushing can help you add that next level of detail to your models.

When to Use Dry Brushing

Dry brushing is best used to highlight detailed areas on a model. You can drybrush armor to give it a feeling of being worn, drybrush metal with flecks of silver to get a more natural shine or drybrush hair to highlight parts that jut out.

How to Dry Brush

Dry brushing is pretty simple. Add paint onto your brush then brush off the paint on a piece of paper until it no longer marks it. Then take large hard strokes over your mini and the small flecks of paint will stick to the pointy bits on your model. You can see this effect on the sword and cloak of this model.