IT Pro Tuesday #319
Welcome back to IT Pro Tuesday!
In the latest Security Swarm Podcast: “The Magic Behind DMARC, DKIM, and SPF?” we discuss the email authentication protocols of SPF, DKIM, and DMARC. You’ll hear what these protocols are, how they work, and why they are important for protecting against email spoofing and impersonation attacks.
We’re looking for favorite tips and tools we can share with the community… those that help you do your job better and more easily. Please share your suggestions on the IT Pro Tuesday subreddit, and we’ll be featuring them in the coming weeks.
Now on to this week’s list!
A Free Tool
Snort is an open-source intrusion prevention system that uses a series of rules to define malicious network activity and find packets that match—generating alerts for users. Can be deployed inline to stop problem packets. Kindly suggested by Credibull.
a Tip
A method for getting the known SSID profiles and password, compliments of Ammonia0684 and warbleagarblegarble:
Netsh wlan show profiles
Netsh wlan show profile “”nameofprofile”” key=clear”
(run as admin)
Security News
When privacy expires: how I got access to tons of sensitive citizen data after buying cheap domains explains the troubling results of a large-scale privacy investigation related to abandoned domains. Iriguchi explains, “The article is very much worth the read and well written too… about the possible risks attached with letting domains expire that previously received sensitive data.”
Another free tool
Zulip is a well-organized chat app that’s designed for distributed teams of any size. Conversations are labeled by topic, so you can easily read each thread. SleepingProcess explains, it’s the closest “to slack features, can be selfhosted… it has a free tier as well.”
Yet another free tool
Techdirt offers insight on the latest legal challenges in technology as well as related business and economic policy issues. You’ll find articles on intellectual property, patent, data privacy, civil liberties, and copyright issues. Appreciation for the recommendation goes to sassanix.
P.S. Bonus Free Tools
pfSense is an open-source firewall and router you can manage via web interface. It is a customized distribution of FreeBSD with many related features and a package system for bloat-free expansion without adding potential security vulnerabilities to the base distribution. Thanks go to austindcc for this one!
OpenWrt is an open-source option for embedded OSes based on Linux. Provides a fully writable filesystem with package management that can be used to route network traffic on embedded devices. LippyBumblebutt says, “IMO if OpenWRT is configured properly (good password for webui, webui not exposed to the web, maybe key-only SSH exposed or Wireguard VPN exposed) and you do firmware updates as soon as they become available, OpenWRT is probably more secure then 95% of the OEM routers.”