Browsed by
Tag: network segmentation

pfSense VLANs on Proxmox

pfSense VLANs on Proxmox

Proxmox is a server virtualization management platform. In many ways, it is an open-source version of ESXi for VMware. While Proxmox is growing on me, the documentation is a bit on the short side and/or in many cases flat out wrong because it has changed so much. I found this out when trying to virtualize pfSense and I was playing around with VLANs. One source said to do it this way, another said something completely different. The kicker is that…

Read More Read More

Presentation – HL7 Insecurities

Presentation – HL7 Insecurities

HL7 Data Interfaces in Medical Environments – Attacking & Defending the Achilles’ Heel of Healthcare This security research served as a 2-part SANS gold paper examining the insecurities of the HL7 messaging standard. This presentation is a combination of those two papers. HL7 is arguably the most fundamental flaw in healthcare IT. It is used extensively for system-to-system communications and is in nearly every healthcare facility worldwide. The first paper is an overview of what can be done with stolen…

Read More Read More

Redirect outgoing NTP traffic to an internal NTP server

Redirect outgoing NTP traffic to an internal NTP server

Tired of seeing outbound NTP blocks in your firewall logs because you restrict outgoing traffic? Or maybe you are receiving alerts because some device uses NTP pool resources (such as pool.ntp.org) and one of those IP addresses has ended up on a blacklist, blocklist, threat intelligence feed, etc? Either way, few things in the life of an IT or security professional are as frustrating as false positives. This write-up will help you change that with a little NAT magic, aka…

Read More Read More

Hacking HL7 Data Interfaces in Medical Environments: Attacking and Defending the Achille’s Heel of Healthcare

Hacking HL7 Data Interfaces in Medical Environments: Attacking and Defending the Achille’s Heel of Healthcare

This security research paper is the second of two examining the HL7 messaging standard, which is arguably the most fundamental flaw in healthcare IT. HL7 is used extensively for system-to-system communications and is in nearly every healthcare facility worldwide. The first paper is an overview of what can be done with stolen medical data, what HL7 is, as well as potential dangers inherent to HL7. The second paper moves beyond theory and is an in-depth, technical discussion on ways to…

Read More Read More

HL7 Data Interfaces in Medical Environments: Understanding the Fundamental Flaw in Healthcare

HL7 Data Interfaces in Medical Environments: Understanding the Fundamental Flaw in Healthcare

This security research paper is the first of two examining the HL7 messagiang standard, which is arguably the most fundamental flaw in healthcare IT. HL7 is used extensively for system-to-system communications and is in nearly every healthcare facility worldwide. The first paper is an overview of what can be done with stolen medical data, what HL7 is, as well as potential dangers inherent to HL7. The second paper moves beyond theory and is an in-depth, technical discussion on ways to…

Read More Read More

Shadow Brokers Dump And Best Practices

Shadow Brokers Dump And Best Practices

Well that’s a weird title, right? Now that the dust has settled to some degree, let’s look at a not-so-obvious takeaway from the latest security news that simultaneously set everyone’s hair on fire? The latest Shadow Brokers dump is bad on so many different levels. Let’s not concentrate on the potential levels of government and private industry collusion our guts told us existed, but we weren’t sure of. Even now, Microsoft is claiming the vulnerabilities were fixed as part of a…

Read More Read More