Author: rwolf

First Google Ghetto

Have you ever heard these terms? That’s not a professional solution. That’s not business class. That’s not enterprise class. That’s hodge podge. That’s…whatever derogatory phrase someone can say to make your recommendation or solution seem ghetto and less than… Try not to take offense, my dear engineer.  Why?  Because you’re […]

Highly available IPSEC VPN

Does your company have multiple sites needing serious up-time on both Internet and VPN?  If so then you need PFSense and a DYNDNS provider.  Why?  Let me explain… PFSense is a router / firewall and in our opinion one of the best.  It’s free, Open Source and has reasonable pay […]

Why the hackers are winning reason #2

Here’s a reason the hackers are winning: Reason #2:  Lazy, good-for-nothing ISP / hosting company security teams & poor practices (#ISPidiots). We operate our own RBL, Realtime Block List (although…most like to call it a black list or a black-hole list; we don’t use that term and who […]

Corporate Routers & Open Source – GET REAL!

I’m pushing back!  Why?  Because you dear reader NEED to be enlightened (possibly).  Perhaps you’re already an enlightened digital soul…? MOST ROUTERS ARE OPEN SOURCE: Did you know most routers controlling corporate networks or even your home are “open source”…here’s a list?  Open Source shouldn’t be a dirty word anymore, […]

Why the hackers are winning reason #1

Here’s a reason the hackers are winning: Reason #1:  Stupid TLD registrars who make it nigh impossible to report abuse (#ISPidiots). Our honeypot detected a brute-force attempt from IP address:  91.191.19.58. Well, let’s do some looking into this abusive host / IP. The first thing we do is a […]

Petya Ransomware

Petya’s been in the news lately so I thought I’d take a lookielou at it.  I found an interesting GitHub post about the topic here.  Here are my notes on the matter. * Our Whackers For Hackers IPBL blocked the distribution points for the most part (our firewalls would have […]

What Microsoft says about BSD (and thus PFSense)

Ignorance is bliss right?  Not when it comes to budgets, your health, relationships, that wart developing on your face…well, maybe in a lot of things ignorance isn’t bliss now that I think about it but certainly not when it comes to your corporate edge which is our topic of discussion.  […]

LEAN IT

LEAN is a manufacturing term often used to describe process improvement that minimizes waste.  <– That’s a LEAN sentence!  With respect to IT and IT solutions, waste in our view is overspending.  There are certainly other factors, like under-skilled staff wheel-spinning, turning small tasks into mammoth undertakings, but […]

DNS block lists & why you NEED to use them!

We all know about IPBLs or “IP Block Lists” (a.k.a. IP Blackhole Lists).  They’re great, right?  What about applying the same logic to DNS? DNS works like this: On your computing device you browse to yahoo.com and your computing device says…hey, I don’t happen to know what yahoo.com is…hey DNS […]

Country Blocking & why you NEED to do it

Out of the box, all of our Firewall-Z routers are configured to do country blocking.  Whether you use the embedded, installable, virtual machine, rack-mounted, etc. versions…they’re all the same.  Country blocking is a pay-for extra on many routers or you have to go above and beyond to hack […]

Fireball Malware and Malvertising

A new Malvertising attack is in the news…isn’t it always?  This time (June of 2017) it infected / affected 250 million hosts.  How does it work?  It works by leveraging the online advertising mechanisms that advertise to you!  This one is “new” in that it generates revenue by fake clicks […]

IP Block Lists

There are many ways to protect your network.  One of the many ways EITS works to protect their clients is with a “honey pot” the unsuspecting hacker or hacker bot finds.  They or their mechanisms try to hack any number of services (mail, ftp, ssh, etc) which we detect then […]

Programmatically block TOR networks easily

There are many reasons to block TOR networks: unchecked anonymity of your staff to surf without accountability; hackers and the dregs of the Internet like to use it as a platform to do criminal acts online and potentially attack you anonymously; it’s a potential vector for information leakage; …and more. […]

Maximizing Network Bandwidth

We recently ran into issues with Broadcom (QLogic) network cards on a few servers.  Turning Jumbo Frames on to increase capacity allowing 9,000 bytes instead of the default 1,500 bytes actually caused us to experience a dramatic reduction in overall capacity and bandwidth.  I used a program called iperf to […]

Automated scraper to gather email addresses

This is a two-fold post about how we can leverage programming, scripting and other tools in our tool belt to automate tasks and make IT work look easy (although it isn’t always easy) and about IT security. Demonstrate an automated method to automatically download and parse email addresses from […]
