2019-019-Securing your RDP and ElasticSearch, InfoSec Campout news

53:11
 
Share
 

Manage episode 234076106 series 124251
By Bryan Brake and Bryan Brake - CISSP | Information Security | Vuln Management. Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio is streamed directly from their servers. Hit the Subscribe button to track updates in Player FM, or paste the feed URL into other podcast apps.

https://static1.squarespace.com/static/556340ece4b0869396f21099/t/5cc9ff79c830253749527277/1556742010186/Red+Team+Practice+Lead.pdf

https://www.reddit.com/r/netsec/comments/bonwil/prevent_a_worm_by_updating_remote_desktop/

https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/

https://security.berkeley.edu/resources/best-practices-how-articles/system-application-security/securing-remote-desktop-rdp-system

https://www.bleepingcomputer.com/news/security/unsecured-survey-database-exposes-info-of-8-million-people/

https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-security.html

https://www.elastic.co/blog/found-elasticsearch-security

https://dzone.com/articles/securing-your-elasticsearch-cluster-properly

Auth is possible, using reverse proxy… this is basic auth :( https://github.com/Asquera/elasticsearch-http-basic

Here’s one that uses basic auth and LDAP: https://mapr.com/blog/how-secure-elasticsearch-and-kibana/

2fa setup: https://www.elastic.co/guide/en/cloud/current/ec-account-security.html

Check out our Store on Teepub! https://brakesec.com/store

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com

#Brakesec Store!:https://www.teepublic.com/user/bdspodcast

#Spotify: https://brakesec.com/spotifyBDS

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel: http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site: https://brakesec.com/bdswebsite

#iHeartRadio App: https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec

292 episodes