Privacy Definition

Privacy No Comments

An excellent definition of privacy in the context of autonomy and security:

  • Autonomy Privacy is an individual’s ability to conduct activities without concern of or actual observation (i.e., surveillance).
  • Information Security is the protection of information resources from unauthorized access, which could compromise their confidentiality, integrity, and availability.  This includes, but is not limited to networks, hardware, software and information (some of which is confidential).
  • Information Privacy is the intersection of autonomy privacy and information security — it is the appropriate protection, use, and dissemination of information about individuals

Source: Autonomy Privacy, Information Privacy and Information Security

Shodan Search Shortcuts

Security No Comments

Use Shodan to discover which of your devices are connected to the Internet, where they are located and who is using them.

Listed below are some popular search shortcuts/search keywords to help with narrowing your search results:

Keyword Values Description Example
port Any Numeric Value Specific Ports port:554
has_screenshot True/False Has Screenshot has_screenshot:true
org Organization Value Organization org:”Microsoft”
ssl Organization Value SSL Certificates for Organizatio ssl:edellroot
ssl:Some University
ssl.version SSL Version Value SSL Version ssl.version:sslv2
ssl.version:sslv3,tlsv1,tlsv1.1,tlsv1.2
net IP Range IP Range net:18.27.7.0/24
net:18.27.0.0/16

Search Examples

Example Search Query Used For
port:9100 product:”LaserJet” Finding HP LaserJet printers on the network
ssl:edellroot Finding devices with SSL certificates issued by eDellRoot
net:18.27.0.0/16 ssl.version:sslv2 Find hosts supporting SSLv2 in the 18.27.0.0/16 subnet

Top 10 IT Issues in 2016

Technology No Comments

Educause has released their Top 10 IT Issues in 2016. What’s really impressive is the visual difference in IT priority changes over the last 16 years. For this year, the top 10 issues are:

  1. Information Security
  2. Optimizing Educational Technology
  3. Student Success Technologies
  4. IT Workforce Hiring and Retention
  5. Institutional Data Management
  6. IT Funding Models
  7. BI and Analytics
  8. Enterprise Application Integrations
  9. IT Organizational Development
  10. E-Learning and Online Education

Source: Top 10 IT Issues, 2016: Divest, Reinvest, and Differentiate

Explicit vs. Transparent Proxy

Technology No Comments

A proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server and the proxy server evaluates the request as a way to simplify and control its complexity. Proxies were invented to add structure and encapsulation to distributed systems. Today, most proxies are web proxies, facilitating access to content on the World Wide Web and providing anonymity.1

In an explicit proxy configuration, the client (e.g. browser, desktop application etc.) is explicitly configured to use a proxy server, meaning the client knows that all requests will go through a proxy. The client is given the hostname/IP address and port number of the proxy service. When a user makes a request, the client connects to the proxy service and sends the request. The disadvantage to explicit proxy is that each client must be properly configured to use the proxy.

In a transparent proxy configuration, the proxy is typically deployed at the Internet gateway and the proxy service is configured to intercept traffic for a specified port. The client (e.g. browser, desktop application etc.) is unaware that traffic is being processed by a proxy. For example, a transparent HTTP proxy is configured to intercept all traffic on port 80/443. The typical benefits of a transparent proxy include a standard enterprise configuration where all clients routed to the internet will always be filtered and protected no matter what the end users do, or change, on their machines and the added benefit of reduction in typical user’s client-proxy configuration troubleshooting.

A better way to ask the “What do I want?” question

Personal No Comments

At the core of all human behavior, our needs are more or less similar. Positive experience is easy to handle. It’s negative experience that we all, by definition, struggle with. Therefore, what we get out of life is not determined by the good feelings we desire but by what bad feelings we’re willing and able to sustain to get us to those good feelings.

Source: You probably know to ask yourself, “What do I want?” Here’s a way better question

© 2019 Leonard Nelson. All Rights Reserved. The content on this site reflects my own personal opinion and does not represent the views of any other individual or organization. All suggestions, solutions, advice and opinions come as-is with no warranty or responsibility implied.

MENU

Navigation