February 9, 2021

E-mail Plus Addressing Against Credential Stuffing

Before I start I should probably say what credential stuffing and e-mail plus addressing are. Knowing what credential stuffing is will also let you understand why you should care. Definitions Credential Stuffing is a type of cyberattack where stolen account credentials typically consisting of lists of usernames and/or email addresses and the corresponding passwords (often from a data breach) are used to gain unauthorized access to user accounts through large-scale automated login requests directed against a web application. Read more

January 1, 2017

Firewalls -block rather than scan

If you run a so called “New Generation Firewall” it will probably have an IDS/IPS system that scans all traffic. This eats a lot of CPU and slows down your firewall. There are lots of reliable lists (blocklists) of IP addresses out there that you can use to drop traffic from the bad guys before scanning, saving lots of CPU and increasing your throughput. Research the lists you plan to use, here is a good place to start your research: FireHOL IP Lists. Read more

© Arnold Greyling 2023