Introduction On October 14th, 2014, POODLE (Padding Oracle On Downgraded Legacy Encryption), a vulnerability in version 3 of the SSL encryption protocol was disclosed. This vulnerability allows an attacker to read information encrypted with this version of the protocol in plain text using a man-in-the-middle attack. Even though SSLv3 is an older version and is… Read more »
Posts Categorized: PCI
ZZ Servers, a leading provider of shared and dedicated PCI-compliant hosting, has announced a new HIPAA hosting platform powered by InterWorx, the advanced web hosting control panel, to provide secure and standards-compliant hosting to a wide range of SMB and enterprise clients.
Managing Partner, David M. Zendzian, will be giving a short presentation on SSL/TLS protocol, security and configuration issues on Brighttalk tomorrow at 12 EST. SSL is a well designed protocol to ensure communications between two points are secured and that 3rd parties are not able to view the protected communications. As such many applications have… Read more »
ZZ Servers Managing Partner, David M. Zendzian (@dmz006) will be presenting How Do You Know Your Colo Isn’t “Inside” Your Cabinet, A Simple Alarm Using Teensy” which is based on a prior blog post.
The first step in securing servers is to ensure that they are physically as secure as possible and and then monitored for unauthorized access Many times when setting up servers in a small office or co-location facility many people have their systems in a locking cabinet within a moderately secured physical building. However a determined… Read more »
As with any user of OSSEC, analyzing and working with the data is the key to successfully managing your environment. From a prior post you can see we are monitoring events as they occur which is good for catching serious issues as they occur; however, it is not usually the best way to document what… Read more »