Welcome to part 4 of our homegrown NCM adventure, thanks for joining us. I appreciate your interest in this project. LARG*ncm scratches an itch we have but there has been wonderful support and interest in this project so it seems like others have the same itch.
Read MoreThis quest began when we (and the world) discovered SolarWinds’ alarming lack of security. The RCEs keep dropping which further justifies the decision to abandon SolarWinds.
Read MoreWe started with open source projects that are free to set up and use to get an idea of our options and what features we can’t live without. The top contenders in this field are Rancid, Oxidized, Trigger, Rconfig, and Netshot. My first requirement is a Web UI eliminating Rancid, Oxidized, and Trigger off the hop. Off to a good start!
Read MoreWe were using SolarWinds’ NCM (Network Configuration Management) tool at the time for configuration backups and auditing. We followed Fireeye’s mitigation recommendations from their blog post and took our server offline, evaluated hashes and other indicators of compromise, and determined that we were not compromised.
Read MoreI received some emails related to new authentication requirements when working on my Github projects after the holidays.
Read MorePassword policies are common in enterprise environments. Windows Active Directory has a basic one enabled by default after all. Unfortunately a lot of organizations either leave the default policy in place or make minor changes and never think about it again.
Read More
