Josh Lemon

Cyber Security Incident Response Director & SANS Instructor

One of my common bugbears with businesses is the idea that a Distributed Denial of Service (DDoS) attack is an incident that should be managed and handled by your Cyber Security Incident Response team. It's not and here is why..... Receiving rubbish traffic to a web server, or any service for that matter, that you stick on the internet is just a part of being online and businesses need to accept this upfront and plan for it. It's no different to planning when you drive a car, you decide on the best route with least traffic and when there is…

When you install BTSync from the Ubuntu repositories it currently is set up as a service assuming you're running a server. This is generally a good thing, from a security standpoint, as it is set up with a new user account to keep BTSync permissions isolated from other users. However, BTSync running as a service with a separate user account can be a little bit of a pain if you want BTSync to share out folders from your /home/{username} directory. This is an issue because your home directory folders are set to only be accessible by your user account,…

OK, so I thought it is finally time that I actually get serious about my contribution back to the internet as it's been so kind to me for a long time. So this blog is essentially a lot of my random thoughts on the Information Security industry, mainly; Digital Forensics, Incident Response and Penetration Testing. I'll also use this Blog for a lot of sys admin things that I do all the time and usually have to piece together from various places around the internet.....mainly so I can repeat them again, but also in the hope they are useful…