Welcome to the new blog site!

I’ve finally gone pro!  Both my previous blogs have been migrated over to this new site running my own private domain.  The site is still in flux at the moment, but I’m hoping to grow it as time goes on.

Does Twitter really suck this bad?

​Why does everyone in security keep saying they get all their news off Twitter?   Am I just old school for wanting my RSS feeds and podcasts? My primary news source for almost everything is still my RSS feeds and Feedly. I scroll through at least once a day, read a few, toss the few … [Read more…]

Hell Week (or when your AS/400 goes belly up)

Isn’t it funny how most crises don’t arise from just one bad event happening?  Most crises arise from a long history of small, seemingly good decisions which weaken what used to be a resilient system.  While all of those people walk around congratulating each other on cost and time savings, a small few are trying … [Read more…]

The real state of ICS security

As I sit here in blustery Boston taking a break from SecureWorld for a bit, I’m actually brought back to some of the talks given at other conferences this year. I’ve been going over some of the recent talks at RSA and Shmoocon covering ICS security and frankly, I’m not as impressed as I thought. … [Read more…]

A quick and easy master password tool

2016 has been a year full of breaches and a year full of passwords I’ve had to change.  One resolution I’ve made in 2017 is to get away from using any multi-account passwords combinations, which means I’ve got to go full tilt into a password manager. I’ve been using KeePass for almost two years now … [Read more…]

My thoughts on my recent SANS SCADA training

If the guys a Red Tiger Security wanted to kick my brain into black hat mode – they succeeded!  I’ve just gotten back from a 5-day ‘boot camp’ style SCADA security class hosted by SANS in Houston, TX.  SANS actually hosted two similar courses – a more generalized SCADA Security training with an introduction to pentesting, and … [Read more…]

Quick Fix for RIS Not Enough Space On Partition Error

Here’s a quick fix when RIS tells you “the computer does not have enough disk space on the selected partition. Go to <drive>:RemoteInstallSetupEnglishImages<imagename>i386Mirror1 and make a copy of the IMirror.dat file. Go to http://www.winhex.com/winhex/index-m.html and download the latest version of WinHex. If you are more comfortable with another hex editor, then try it.  Change the … [Read more…]

Remotely changing Outlook Exchange Profiles

I’ve got a couple of remote users who report not having any new email since sometime in 2005. These guys don’t sign on to the computers all that often, so I suspect Outlook didn’t automagically change their mailbox settings when I moved them to our new Exchange server back in 2005. Typically, I would do … [Read more…]