Currently I am looking into a couple of different cloud platforms for new infrastructure projects. Microsoft Azure is creeping up rather highly on the list.

A few years ago the concepts of “security” and “cloud hosting” were diametrically opposed in many people’s minds. Security is an ironic field of IT in that technology, vulnerabilities and exploits, defense and remediation strategy, etc. all evolve very rapidly (like other areas of IT) but due to being tied in tightly with things like regulatory compliance the ideology and actual implementation of change in this area moves at a snail’s pace.

However IT is largely shifting towards cloud technologies and regulation must shift with it. The major players in the cloud hosting space have recognized a need to address security concerns and have made a concerted effort to do so.
(more…)

I have put it off for a long time… You know… actually really deep-diving and really learning a programming language. After reading, and then reading some more, and then talking to some developers where I work (we are a Microsoft Shop from pretty much top to bottom), and then reading a few more things… I have come down to learning in basically this progression (which probably sounds… and probably is… a bit haphazard):
(more…)

A quick disclaimer: Like most of the mass of humanity, I didn’t thoroughly read through the terms and conditions… That being said…

One of the most useful features I have personally found in regards to keeping up with the handful of bloggers I enjoy reading content from on a regular basis is the ability to subscribe to new posts via email. I already have my analytics and a host of other things taken care of for Kiloroot but this is one feature that has been lacking.

Being a decently experienced Drupal site builder, but very green in regards to WordPress… I wasn’t aware that implementing this feature was so easy. So forgive me if this post sounds a bit noobish to you experienced users of the platform out there.
(more…)

Free penetration testing tools abound. Free, easy-to-use penetration testing tools… not as much. Free, easy-to-use, web-hosted penetration testing tools, rarer still.

I came across an excellent, web-hosted NMAP port scanning tool and I wanted to make sure I linked it here in case I needed it again in the future. Without further ado…

https://pentest-tools.com/discovery-probing/tcp-port-scanner-online-nmap

I haven’t explored the rest of the site, but the ability to quickly hit a public site and “fingerprint” the most common open ports is very very handy. I hope others find this as useful as I have! What is nice about it, is that because it is web-hosted, it requires zero setup on your own machine and quickly running scans is simple as everything is GUI’d.

I have found zenmap useful if you are looking for something locally hosted to do internal scans between machines. It isn’t quite as easy to use and I have gotten some odd results from it but it provides more flexibility, especially on windows, vs. just going to the cmd shell and running the common “ping” and “telnet” commands.

While we are on the topic of excellent, free, web-hosted tools. SSL Labs has an absolutely phenomenal SSL testing suite for checking your sites SSL security. In the wake of heartbleed, there has been a lot of attention given to SSL security. If you are a company that runs a public site or sites with SSL, I recommend you start checking them now to make sure that they are configured as well as can be.

You can access that tool here:
https://www.ssllabs.com/ssltest/analyze.html

Reference:
http://security.stackexchange.com/questions/32/what-tools-are-available-to-assess-the-security-of-a-web-application/38#38
https://pentest-tools.com/discovery-probing/tcp-port-scanner-online-nmap
https://www.ssllabs.com/ssltest/analyze.html

Whenever I start a new site of any kind there is always that question of how quickly will the traffic come?

I actually built and continue to run these three other public sites:

http://rth.rockchipfirmware.com
https://www.topnotchtablets.com
http://www.rockchipfirmware.com

The first site (Roman’s Tech Help) was originally a blogger (i.e. the Google blogging engine…) blog that was dedicated to getting people up and running with custom firmware for their Western Digital Media Players back in the olden days of digital media consumption in the living room… before the Roku and Smart TVs started dominating that space. (more…)