Creating a Secure Environment for your Cryptocurrency Hardware Wallet

In this brief blog post I will discuss what I believe to be good practices to follow during the set-up and day-to-day usage of a Cryptocurrency hardware wallet; specifically the Ledger Nano S because it’s the one I use. This advice should still be useful for other hardware wallets as they’re all quite similar.

Continue reading Creating a Secure Environment for your Cryptocurrency Hardware Wallet

My Research on Misconfigured Jenkins Servers

Late last year I decided to see how many misconfigured CI/CD (continuous integration and deployment) installations I could find on the internet. I decided to focus my research on one of the most popular CI/CD applications – Jenkins. This article isn’t an attack on Jenkins in any way shape or form – any piece of software and/or hardware can be configured incorrectly… it just so happens to be that CI/CD servers often host some very sensitive configurations – some of which I will come on to in a bit.

Continue reading My Research on Misconfigured Jenkins Servers

Ninite Appsheet – Patching Just Got Easier

Ninite has long been my number one tool for deploying, updating and removing popular 3rd party applications… I especially enjoy the feeling of removing Flash and Java from any where I can get my hands on 🙂

Up until now, Ninite has been completely agentless. You get a simple light-weight .exe which you can either run by double clicking or by using switches in the CLI (NinitePro.exe).
To automate the process of deploying or updating applications you previously had to script something together and schedule the .exe to run at a schedule. I don’t mean to make it sound like scripting it to make it work in your environment is difficult – it really isn’t but sometimes it can be tricky to implement for machines that are either not on the domain or simply not on the premises to receive those updates.

Please note that these new features are designed for business/enterprise environments so only available for Ninite Pro users.

Continue reading Ninite Appsheet – Patching Just Got Easier

CUCM SNMP Active Call Stats

So the title is a bit misleading but I figured it’s what most people will search if they want to get active call stats from their Cisco Unified Communications infrastructure – it’s certainly what I searched when I wanted to achieve the same thing. Turns out you can only get active call stats via SNMP from the Cisco Unified Border Element (CUBE).

I will show you how you can get the active incoming/outgoing and total external calls and how you can use these in PRTG to get a nice graph going of Active Calls Vs Bandwidth.

What you won’t see is the number of internal calls as we are only monitoring the CUBE. Internal calls don’t touch the CUBE and as far as my research went, the CUCM server doesn’t keep track of active calls… at least not without some manipulation of OIDs.

Continue reading CUCM SNMP Active Call Stats

The State of Telnet on the Internet – My Findings

This is my first in, I hope, a series of posts about the ‘state of things on the internet’ along with my findings and anything interesting I may have come across along the way.

This post will be about the state of Telnet (Port 23) on the internet from the perspective of a single internet-scanning host (read more in the methodologies section below). I’ll be going through some statistics including: top countries, top brands and/or firmware and lastly, an analysis on banner responses.

Continue reading The State of Telnet on the Internet – My Findings