Differences between TCP and UDP

TCP and UDP are two very different protocols.  I’ve spent a fair amount of time over the years explaining these two issues to our power engineers and technicians.  What better topic to post here. TCP is more reliable but has more overhead. Probably the most important thing to realize is only TCP has a true … [Read more…]

Random DNS lookups by Chrome

After a couple hours of boredom waiting for a conference to start, I decided to fire up Wireshark and see what I could see across the wireless.  I was greeted with the first few packets appearing to be my machine reaching out to random domains on the internet (see below). Something was attempting to lookup random … [Read more…]

Sendmail took down my site!

After a week of being very busy with other things, I wanted to take a few minutes and check on my blog only to be greeted by “Site cannot be reached.” SSH’ing into the site resulted in a similar response. So what happened? A week prior, I decided that I needed to migrate Sendmail over … [Read more…]

Welcome to the new blog site!

I’ve finally gone pro!  Both my previous blogs have been migrated over to this new site running my own private domain.  The site is still in flux at the moment, but I’m hoping to grow it as time goes on.

Does Twitter really suck this bad?

​Why does everyone in security keep saying they get all their news off Twitter?   Am I just old school for wanting my RSS feeds and podcasts? My primary news source for almost everything is still my RSS feeds and Feedly. I scroll through at least once a day, read a few, toss the few … [Read more…]

Hell Week (or when your AS/400 goes belly up)

Isn’t it funny how most crises don’t arise from just one bad event happening?  Most crises arise from a long history of small, seemingly good decisions which weaken what used to be a resilient system.  While all of those people walk around congratulating each other on cost and time savings, a small few are trying … [Read more…]

The real state of ICS security

As I sit here in blustery Boston taking a break from SecureWorld for a bit, I’m actually brought back to some of the talks given at other conferences this year. I’ve been going over some of the recent talks at RSA and Shmoocon covering ICS security and frankly, I’m not as impressed as I thought. … [Read more…]