Security in Obscurity

Exploiting WiFi Direct

While WiFi Direct is billed as a secure method for connecting to IoT devices using it can be risky, October 2019

WiFi Direct is a wireless standard commonly used by many IoT devices including desktop printers as a way to offer convenient, wireless connections to the equipment. While WiFi Direct is billed as a secure method for connecting to IoT devices using the "latest WiFi security technology" i.e. WPA2, using WiFi Direct can be risky. In particular, instances in which the WiFi Direct device is also connected to a wireless network, WiFi Direct can offer an avenue for an attacker to target the additional wireless network. For this thought, I have gone through a variety of attack scenarios on how WiFi Direct can be exploited.

Message Authentication Config Options

Three email authentication standards I recommending focusing on are SPF, DKIM and DMARC, September 2019

When it comes to addressing email security, message integrity should be a main focus to mitigate spoofing attempts on your domain. While message integrity is not build into the SMTP protocol from a design standpoint there are a few frameworks to address the deficiencies. The three email authentication standards I recommending focusing on are SPF, DKIM and DMARC.

Guide to counter denial-of-service (DoS) and DDoS attacks: Offsetting Risk with Cloud Services (Part 4)

This thought focuses on ways to offset the risk of a DDoS attack leveraging cloud services, August 2019

What can you do to counter a denial-of-service attack? There are a number of ways to counter denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks. This thought focuses on ways to offset the risk of a DDoS attack leveraging cloud services and is the final though of a four part series on countering DoS and DDoS attacks.

Constructing a Website with AWS: Beyond S3 (Part 2)

The low overhead with AWS has been nice to effectively manage my blog, June 2019

When examining the option to construct a website with AWS I have found that the low overhead has been nice in order to effectively manage my blog and I have discovered that I have not had to sacrifice security in the process. I am able to leverage HTTPS across my site as well as effectively control access to content. I have even been able to build a mini CICD pipeline in the process. This thought focuses on going beyond just building your site out in an S3 bucket and is focused on injecting security into your website as well as better efficiencies and is a part of a two part series on constructing a static site using AWS.

Constructing a Website with AWS: Getting Started and S3 Configuration (Part 1)

The costs associated with having a website has gone down significantly, June 2019

There are a variety of ways to build a website. From fully managed solutions to content management systems (CMS) such as Joomla or WordPress, the options at your disposal to make your content available on the internet are vast and the costs associated with having a website has gone down significantly. For my blog I choose to leverage the feature set provided by AWS to build a static site that is very cost effective and has low overhead in terms of infrastructure to maintain, as well as, the surface area required to secure the website. This thought focuses on getting started with your AWS account and building out your S3 design to host your website and is part of a two part series on constructing a static site using AWS.