Halo: Auditing Without Server Access

Within the security world, we frequently try to implement the principle of least privilege. For example, only the users who absolutely require root or administrator access to complete their job function are granted these permissions. The concept is that the…

Can you stealth a VM?

(Originally posted in SANS Cloud Security Blog) This topic comes up from time to time, and I had someone ask me about it the other day, so I figured it was worthy of a blog post. I’ve seen a lot…

Better Cloud Security Through VM Cloning

(Originally posted in SANS Cloud Security Blog) While teaching 524 this week, the subject of VM cloning came up. Specifically, we were discussing the impact of cloning on how we apply security to our servers. The folks in class enjoyed…

PCI File Integrity Checking in the Cloud

Requirement 11.5 of the PCI-DSS standard states that file integrity monitoring tools should be used to alert personnel to unauthorized file changes. While this can be a daunting task in a standalone server environment, the deployment challenges can become quickly…

PCI Firewall Requirements in the Cloud

When it comes to meeting PCI-DSS within a public IaaS cloud, arguably one of the most difficult requirements to meet is the firewall section. The current requirements were written at a time when all servers were located on-premise. So how…

Scalable Windows RDP Management

Amazon provides a number of security guides that can be leveraged by customers when deploying AWS instances. One of these guides walks the user through deploying Windows RDP management in a secure fashion. The gist of the advice is summarized…

Why You Need a Loopback Firewall Rule

I see this problem a lot. You install a firewall policy on one of your Linux servers, and then all of a sudden you cannot update software components or generate email alerts. The rules look OK; in fact most communication…

Secure Windows File Sharing With Halo

While there are many SaaS-based file storage solutions on the market, sometimes it is preferable to stick with corporate-approved file storage. But what if you need to deploy a standard Windows 2008 file server and still take advantage…

Keep Security Simple

Ever since they started embedding webcams in laptops, I’ve been putting a small Post-it note over the lens. There are just too many hacks that can permit an attacker to spy on you via your own webcam. Needless to say, this…
