Cloud Insidr

Cybersecurity in the Age of the Machine

  • Subscribe!
  • Privacy Policy
  • Legal
  • Contact Us

Join us on Twitter: @CloudInsidr

  • news & alerts
    • events
    • industry analysis
    • industry gossip
    • people
  • cloud, edge & co.
    • AWS
    • administration & orchestration
      • web servers in the cloud
      • mail servers
      • databases
  • cybersec & warfare
    • encryption
  • blockchain
Home Archives for Uncategorized
Running Microsoft Azure In Your Own Data Center

Cloud Insidr 2020-09-29 Leave a Comment

Running Microsoft Azure In Your Own Data Center

In the stormy race of the digital transformation, the hybrid landscape of corporate IT is increasingly evading manageability. Could the control plane of a hyperscaler provide a lasting remedy? Would you need special hardware?

[Read more…]

Filed Under: Uncategorized Tagged With: Azure, Azure Active Directory, Azure Arc, Azure Lighthouse, Azure Resource Manager

Tip of the day: domain intelligence services by CentralOps

Cloud Insidr 2020-01-10 Leave a Comment

Tip of the day: domain intelligence services by CentralOps

Here is one nifty service that can dig up useful information about a website, a domain or an IP address and it doesn’t cost a dime.

[Read more…]

Filed Under: DNS, tips and tricks, Uncategorized, web servers in the cloud Tagged With: domain, network, tip, Whois

DNS over HTTPS

Cloud Insidr 2019-08-08 Leave a Comment

DNS over HTTPS

Many government agencies and multinationals alike have repeatedly fallen victim to hacking, but little to nothing has been done to fix the problem once and for all.

There is no silver bullet. In matters of cyber security, a so-called solution can only offer a time-limited value. Cyber security threats are always evolving. Cyber criminals never stand still. You have to keep shooting your silver bullets if you even happen to have them.

DNS-over-HTTPS protocol (IETF RFC8484) (DoH for short) is such a solution to the pressing cyber security problem of unencrypted communications. It was designed by the Internet Engineering Task Force, Google, Mozilla and others.

DNS versus DNS over HTTPs

Actually, DoH sounds like something of an overkill. After all, HTTPs connections are encrypted already, so why bother implementing DNS over HTTPS?

DoH works by sending DNS requests via an encrypted HTTPS tunnel instead of using a classic plaintext UDP request.

Wait, there is more to it. DoH is not just encrypted, it works on the app level instead of the OS level. The idea behind DoH is to use DNS-over-HTTPS connections between an app (e.g. a browser or a mobile app) and an encrypted  DoH-compatible DNS server, called a resolver.

The complete DoH-traffic relies exclusively on HTTPS without any exceptions. That’s the beauty of the DoH concept.

All DoH domain name queries are encrypted and then camouflaged in regular web traffic, which is in turn sent to the DoH-compliant DNS-resolver. The latter one replies with a domain name’s IP address over HTTPS.

Don’t trust the Operating System

While open source operating systems like Linux, BSD or Solaris are designed to be highly secure, commercial off-the-shelf operating systems like Windows and macOS usually don’t hold a candle to the standards of enterprise-grade security. As a house owner you wouldn’t secure just the front and the garage doors while keeping the side doors wide open. But that’s how commercial operating systems nowadays work.

Cyber security in commercial operating systems is only skin-deep. Where no one is looking, security is usually non-existent.

As a result of the DoH-design, apps can re-gain control of DNS queries from intentionally half-baked operating systems by hard-wiring a list of trusted DNS-over-HTTPS servers (resolvers). This way, you can set up a list of your own trusted IPs with trustworthy resolvers.

DNS-over-HTTPS is gaining steam

The list of cyber security mishaps reads like the Who is Who of the IT industry and government. No one seems immune. DoH is one way you can regain a bit of security.

Filed Under: Uncategorized Tagged With: DNS over HTTPS, DoH

TLS 1.3 and its implications for cyber security

Cloud Insidr 2018-10-04 Leave a Comment

TLS 1.3 and its implications for cyber security

The rise of Quantum computing and the cloud is rewriting the rules of what constitutes “encrypted” communications — with profound implications for the cyber security of our homeland.

“The cyber threat landscape is shifting in real-time, and we have reached a historic turning point,” said Kirstjen Nielsen, U.S. Secretary of Homeland Security, in a recent statement. “It is clear that our cyber adversaries can now threaten the very fabric of our republic itself.”

Cybersecurity incidents and data breaches of recent years seem to provide evidence of an invisible warfare raging across the industrialized world with financial, energy and communications systems covertly under constant threat. At the same time, the dependence on data integrity and the reliability of critical infrastructures, particularly cyber physical systems in the military, is growing in importance by the day.

[Read more…]

Filed Under: encryption, homeland security, Uncategorized

How to upgrade the Linux kernel in Fedora 28/29 quickly and easily

Cloud Insidr 2018-06-17 Leave a Comment

How to upgrade the Linux kernel in Fedora 28/29 quickly and easily

As zero-day exploits become increasingly common, keeping the kernel up to date is a top priority.

In CentOS 6.x/7.x and RHEL 6x./7.x, upgrading the Linux Kernel is a painful procedure which requires about a dozen steps. On Fedora, all it takes is a time-saving two-liner. You don’t need to concern yourself with the configuration of the grub boot manager, which is a frequent source of trouble on CentOS and RHEL.

[Read more…]

Filed Under: Linux, Uncategorized Tagged With: CentOS, Fedora, Fedora 28, Linux, Linux Kernel, RHEL, upgrade

  • « Previous Page
  • 1
  • 2
  • 3
  • 4
  • …
  • 6
  • Next Page »

Subscribe

Find the monitor that's right for you.

SSL/TLS Certificate Square (250 x 250)

Tag Cloud

AWS AWS Billing Dashboard AWS Config AWS Cost Explorer AWS EBS AWS Resource Explorer AWS Tag Editor AWS Trusted Advisor cipher suites cyber security Diffie-Hellman EBS EC2 ECDHE Five Eyes Alliance FLAME HSTS HTTP/2 Java Linux Log4j NGINX NVMe PHP RCE Route 53 SELinux SHA-1 SHA-2 SQL SSL TLS

Pearson Education (InformIT)

SSL/TLS Certificate Medium Rectangle (300 x 250)

©2022 CybrAnalytiqa OÜ

  • Content purchasing and syndication