OSI Network Model Described


In the late 1970s, the International Organization for Standardization (ISO) created an abstract model of networking, called the Basic Reference Model, as standard X.200. It is a conceptual model that describes the communication functions of a telecommunication or computing system without regard to its underlying internal structure and technology. The goal was to promote interoperability of diverse communication systems. The Open Systems Interconnection model (OSI model) partitions a communication system into seven abstraction layers.

In the OSI model, control is passed from one layer to the next, starting at the application layer (Layer 7) in one network device, and proceeding to the bottom layer, over the channel to the next network device and back up the hierarchy. The OSI model takes the task of inter-networking and divides that up into what is referred to as a vertical stack that consists of the following 7 layers.

Continue reading “OSI Network Model Described”


PCI DSS – Centralized Log Management System


The collection of event logs is required under the PCI DSS; the logs would be used to reconstruct the scope and timeline of a data breach if the network of a company that accepts credit cards is compromised. This means more companies are using their security logs to detect and analyze malicious incidents. While some might say these companies could be collecting too much log data (think billions of events per day), it is easier to exclude data in your analysis than to find details of an attack without enough log data.

A centralized log management system can help you collect all the relevant logs into a standardized format, help prevent editing/deletion of valuable evidence, provide a simple interface to perform analysis, limit who has access to the logged events, and provide one location to schedule a backup of huge amounts of data.

Security event logging basics

The best guide to security logging is the National Institute of Standards & Technology (NIST) Guide to Computer Security Log Management (Special Publication 800-92). Although it was originally written in 2006, it still provides the basics of security log management, so it can be very helpful to anyone new to the process.

Continue reading “PCI DSS – Centralized Log Management System”

Microsoft Product Roadmap for 2018

 

There have been several recent announcements from Microsoft outlining their proposed product releases for 2018. There have been so many announcements that it might be difficult for you to keep track of them all, but the good news is there are people tracking the announcements for you. In this article from Gladys Rama, we get an easy-to-follow list of announcements from Microsoft.

Windows 10 (UPDATED: 5/29)
    • “Redstone 4”: Released
    • “Redstone 5”: Fall 2018

Teams and Skype for Business (UPDATED: 5/17)
    • Anticipated release: Teams updates throughout 2018, with Skype for Business Server 2019 coming in the second half of the year

Office 2019 (UPDATED: 4/27)
    • Anticipated release: Preview in Q2 2018, with general availability in the second half of the year

SharePoint Server 2019 (UPDATED: 5/21)
    • Anticipated release: Preview in June 2018, with general availability in the second half of the year

Exchange Server 2019
    • Anticipated release: Preview in Q2 2018, with general availability in the second half of the year

Dynamics 365 (UPDATED: 4/12)
    • Anticipated release: Updates throughout 2018, with a model revamp being implemented in spring

Windows Server and “Project Honolulu” (UPDATED: 5/30)
    • Anticipated release: Windows Server “semiannual channel” release in May 7, 2018 and in the fall, with Windows Server 2019 coming in the second half of 2018
    • Project Honolulu: Released

Please Select a Better Password


In light of the ever more frequent online breaches, we should talk again about picking a good password. People continue to pick and use poor passwords to protect their valuable information. You might not think your password is important or sought after by hackers, but it really is the only thing between the entire world and your personal online accounts.

If you have a password of eight random letters, there are about 200 billion possible password combinations. If a hacking program like Hashcat had to try them all, it would be done in about 4 minutes. If you add mixed casing and numbers, you increase the number of possible passwords, and by increasing the length to 12 characters you catapult the number of password possibilities to about 4 sextillion. With that many possibilities, it would take Hashcat an estimated lifetime to work through all the possible combinations.

However, this math does not take the human factor into account. You want to select a combination of characters that you can remember and that isn’t too difficult to enter a few times each day. The password also has to work within the limits imposed by the website or application where you created the password. People wanting to crack your password are also aware of those limitations. In fact, there are extensive lists of common password terms available on the internet, sorted by their popularity. Password cracking programs will just try those more common words and their common iterations first, and that will allow for increased odds of success in a much shorter time.

Continue reading “Please Select a Better Password”

SQL Server End-Of-Life Schedule by Microsoft

There are SQL Server end-of-life dates you should be monitoring. Once a system has reached end-of-life you will no longer receive support from Microsoft, and there will be compliance issues as auditors will have issues with unsupported production systems having potential security issues. You should develop a written plan to upgrade existing systems to a supported version, test the plan to verify you won’t have any issues, and implement the plan before your existing systems reach end-of-life.


This chart from Microsoft will help you understand the end-of-life dates for the various versions of SQL Server.

Summary
SQL Server 7       - 1/11/2011
SQL Server 2000    - 4/09/2013
SQL Server 2005    - 4/12/2016
SQL Server 2008    - 7/09/2019
SQL Server 2008 R2 - 7/09/2019
SQL Server 2012    - 7/12/2022
SQL Server 2014    - 7/09/2024

SQL Server: List table columns names instead of using SELECT *


In SQL Server, and in any common SQL language, the asterisk ( * ) tells the database engine to return all columns within a table. Using “SELECT *” in your queries is a bad idea, and the reasons we don’t recommend it are:

    • Security – If an unauthorized user gets access to your query and it returns * (meaning all columns), it could leave every column available for misuse.
    • Performance – It should always be faster to return data for just the columns you need than for all available columns. When using “SELECT *” the column list is resolved each time you run the statement, so it is almost always true that it is faster to return just the columns you need instead of all columns.
    • Confusion – As things change over time, you really can’t be sure that a query written today using “SELECT *” will return results easily digestible by the program or report that must consume the data in the future. Columns may be added to or removed from a table over time, and if you specify columns in your SELECT queries you know exactly which ones will be returned.

We know the reason most people use “SELECT *” in a query is because it is easy and fast. So how can we make using the column names easy and fast? There are a few examples that make it extremely easy to list the column names from a table.
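One way to do this, as an added example that is not from the original post: read the column names from the sys.columns catalog view, generate an explicit SELECT list, and pair it with column-level permissions to address the security point above. The dbo.Customer table, its columns and the ReportReader role are hypothetical, and STRING_AGG requires SQL Server 2017 or later.

```sql
-- Hypothetical table for this example; CardNumber stands in for a sensitive column.
CREATE TABLE dbo.Customer (
    CustomerID int IDENTITY(1,1) PRIMARY KEY,
    FirstName  nvarchar(50)  NOT NULL,
    LastName   nvarchar(50)  NOT NULL,
    Email      nvarchar(255) NOT NULL,
    CardNumber varchar(19)   NULL
);
GO

-- 1) List the column names and types in definition order.
SELECT c.column_id, c.name AS column_name, t.name AS data_type
FROM sys.columns AS c
JOIN sys.types   AS t ON t.user_type_id = c.user_type_id
WHERE c.object_id = OBJECT_ID(N'dbo.Customer')
ORDER BY c.column_id;

-- 2) Generate a ready-to-paste SELECT with an explicit column list,
--    leaving out the column the consumer does not need.
DECLARE @cols nvarchar(max);

SELECT @cols = STRING_AGG(CONVERT(nvarchar(max), QUOTENAME(c.name)), N', ')
               WITHIN GROUP (ORDER BY c.column_id)
FROM sys.columns AS c
WHERE c.object_id = OBJECT_ID(N'dbo.Customer')
  AND c.name <> N'CardNumber';

SELECT N'SELECT ' + @cols + N' FROM dbo.Customer;' AS select_statement;
GO

-- 3) Column-level permissions: the hypothetical ReportReader role may read
--    only the non-sensitive columns.
CREATE ROLE ReportReader;
GRANT SELECT ON OBJECT::dbo.Customer (CustomerID, FirstName, LastName, Email)
    TO ReportReader;
GO

-- For a member of ReportReader, the explicit list succeeds, while
-- SELECT * is rejected because it also asks for CardNumber.
SELECT CustomerID, FirstName, LastName, Email FROM dbo.Customer;
```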

Continue reading “SQL Server: List table columns names instead of using SELECT *”

Enabling Windows Defender Application Guard in Windows 10


On Windows 10, a relatively new feature called Windows Defender Application Guard (WDAG) allows the user to isolate the Microsoft Edge browser at the hardware level using Hyper-V technology. This allows the user to protect the device and data from many malware and zero-day attacks.

Microsoft Edge running in WDAG should provide enterprises the maximum level of protection from malware and zero-day attacks. WDAG for Microsoft Edge is a lightweight virtual machine that helps isolate potentially malicious website activity from reaching your operating system, applications, and critical data.

  • Isolated Browsing – WDAG uses the latest virtualization technology to help protect your operating system by creating an isolated environment for your Microsoft Edge session.
  • Help Safeguard your PC – WDAG starts up every time you visit an internet site to help keep potentially malicious attacks away from your PC.
  • Malware Removal – Any websites you visit, files you download, or settings you change while in this isolated environment are deleted when you sign out of Windows, wiping out any potential malware.

Continue reading “Enabling Windows Defender Application Guard in Windows 10”