Episode lucky #7!!!

In this episode I talk about external network vulnerabilities that we see in many of our assessments – some of which are pretty easy to clear up.

Download: Episode 7: External Vulnerabilities that Byte (audio)

Show notes:

  • RC4 – a risk that we find just about anywhere SSL is used, but in most cases it’s pretty easy to take “off the menu.”
  • Self-signed certs are bad, especially for anything where a login is used.  Public SSL certs have come down in cost – especially wildcard certs – so use ‘em!
  • DNSSEC – I’ve yet to come across a domain I’ve audited that has DNSSEC enabled (Google doesn’t see many DNS requests that are DNSSEC-enabled), but now’s the time to read up on it.  I think it will become a hotter topic this year and next.
  • SPF records are easy to make, so use ‘em!