Category: Encryption

Encryption Firewalls
21 July 2024

An Image Problem II

Cyberratings.org, a non-profit technical testing organisation, recently released a report on eight NGFW firewalls. Seven of the vendors’ products tested received a recommended rating and one, Cisco, received a caution for their Firepower Threat Defense product . CyberRatings Announces Enterprise Firewall Test Results – CyberRatings The full report is behind a paywall but more insight is provided here: https://www.sdxcentral.com/articles/analysis/ciscos-enterprise-firewall-receives-caution-rating-from-cyberratings/2024/06 I happened on this through an […]

Encryption Firewalls
26 April 2023

IKEy no Likey NAT-T

I was recently drafted into help fix a VPN between a Fortigate in Azure and a good old fashioned on-prem ASA. The former had been deployed by some ARM templates and the latter had some config in place but ,it transpired, not enough. Fixing it brought to light two issues. The first is my offering to the Googlesphere: Issue One Do you know that happy […]

Encryption
16 February 2022

OpenSSL Cheatsheet

Ed Harmoush, whose SSL course I waxed lyrical on in an earlier post, has released a freely shareable OpenSSL cheatsheet to publicise a new course specifically on… OpenSSL. So here it is… I haven’t done the OpenSSL course but intend to and I repeat my recommendation for his SSL course… links to his site are on the cheat sheet…

Encryption
19 November 2021

On yer IKE

I was reviewing a VPN configuration and wondered why the engineer was using IKEv1 (IKE being Internet Key Exchange) instead of IKEv2 and then it occurred to me I was merely following a play in the Bluffers’ Guide to IT: the newer the version, the longer the key, the fresher the acronym, the better it must be. I didn’t really have a deep understanding of […]

Encryption
31 October 2021

Licence Revoked

Apparently the Bond film ‘Licence to Kill’ was originally going to be called ‘Licence Revoked’ but the producers were worried that the general public wouldn’t know what ‘revoked’ meant. (The use of ‘apparently’ in this sentence denotes a lack of fact checking). To revoke means to withdraw or cancel and in TLS, certificate revocation is the mechanism by which the owner of a certificate can […]

Encryption
15 October 2021

Just Enough Education…

‘Just Enough Education to Perform’ is either one of Wayne Rooney’s tattoos or a Manic Street Preachers’ song, I forget which, but I often feel this way in IT. Let me expain. If you work in IT you generally know a few areas of it very well, others less well, and others just enough to get by. It’s a broad church, you can’t be an […]

Encryption Networking
21 June 2021

I Can See Clearly Now…

Wireshark is a powerful tool which captures no end of network protocols but 90% of the time you’re probably working with TCP and 90% of that TCP is probably http and 90% of that is probably encased in TLS encryption making it https. The problem here is that sometimes you need to see what’s inside those packets. The good news is you can using the […]