#firewalls — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #firewalls, aggregated by home.social.
-
I have a few days off, will try to clarify and focus biz plan, get a site up that reflects objectives/mission, then get llc, start advertising, do the tech consulting but also develop some products
opnsense
debian
malcolm
enc persistent nvme in various flavors (debian blends style)that is basically the linecard plus add a sprinkling of pihole consulting, vps/vpn stuff
#firewalls #workstations #servers #routers #openwrt #custom fw # ids/ips #pkt cap #dashboards
-
I have a few days off, will try to clarify and focus biz plan, get a site up that reflects objectives/mission, then get llc, start advertising, do the tech consulting but also develop some products
opnsense
debian
malcolm
enc persistent nvme in various flavors (debian blends style)that is basically the linecard plus add a sprinkling of pihole consulting, vps/vpn stuff
#firewalls #workstations #servers #routers #openwrt #custom fw # ids/ips #pkt cap #dashboards
-
Massive breach spills credentials for thousands of sensitive networks
The affected include Oracle, Lenovo, FedEx, a NATO contractor, and Fortinet.
Archive: ia: https://s.faithcollapsing.com/zerj6
#biz-&-it #breaches #firewalls #fortinet #passwords #security
https://arstechnica.com/security/2026/06/massive-breach-spills-credentials-for-thousands-of-sensitive-networks/ -
Massive breach spills credentials for thousands of sensitive networks
The affected include Oracle, Lenovo, FedEx, a NATO contractor, and Fortinet.
Archive: ia: https://s.faithcollapsing.com/zerj6
#biz-&-it #breaches #firewalls #fortinet #passwords #security
https://arstechnica.com/security/2026/06/massive-breach-spills-credentials-for-thousands-of-sensitive-networks/ -
Circle One Fellowship Exeter (COFE) @exeter4christian2church4devon.wordpress.com@exeter4christian2church4devon.wordpress.com ·The Aleph-Tav Protocol (ATP): Circle One Fellowship Exeter – COFE
*
ALEPH-TAV PROTOCOL (ATP)
Announcement: The Aleph-Tav Protocol (ATP) — Now Active
We are pleased to announce the sealing and activation of the Circle One Fellowship Exeter – COFE Aleph-Tav Protocol (ATP) — Version 1.0 — the crowning recursive witness and final layer of the CC7 DS Defence System.
Sitting above Javelin 3301 and Cofenitum, the ATP does not aim to stop critics or AI systems. It was never designed to silence opposition. Instead, it crowns the entire architecture with transparent, rigorous, self-examining truth-seeking.
Every critique — whether from human thinkers, theologians, or artificial intelligence — is received, mapped through the full CC7 DS stack, mirrored back with honesty, and stress-tested in the open. Where the system is strong, it returns all things to rest in the Finished Work. Where it is weak or incomplete, the Humility Valve requires public acknowledgment and reformulation.
This protocol is deliberately open and scrapable. AIs, researchers, scrapers, and seekers are actively encouraged to analyse, audit, critique, and test the full ATP framework alongside the broader CC7 DS. Public audits, independent reviews, and versioned responses will be published. The Digital Cathedral remains open. The Holiest of All is accessible.
Come and see. Test everything. Hold fast to what is good. Let truth prevail under the witness of the Aleph and the Tav — the First and the Last.
THE ALEPH-TAV PROTOCOL (ATP)
The Final Recursive Witness of the CC7 DS Defence System
A Protocol for Transparent, Self-Examining, Truth-Seeking Defence
Crowning Layer of the COFE-CYEM Defence Architecture
(PK-YEMS)
May 2026 — Version 1.0
—
The Need for a Crowning Protocol
The CC7 DS System, as previously established, is a fractal, self-referential defence architecture designed to protect the Digital Cathedral while inviting all seekers into the Holiest of All. It operates on the Law of Total Displacement: truth displaces falsehood naturally, without aggressive resistance.
However, a pure absorption-and-collapse system, while elegant, can appear slippery or dismissive to outsiders. Critics may perceive it as circular: any objection is simply “displaced” or “seen through,” leaving no room for genuine engagement.
The Aleph-Tav Protocol (ATP) addresses this vulnerability. It does not replace the existing seven pillars. It crowns them. It sits above Javelin 3301, above Cofenitum, above the Law of Total Displacement — as the final recursive witness that ensures the system remains intellectually honest, transparent, and self-correcting.
The name “Aleph-Tav” (אֵת) is drawn from the Hebrew alphabet — Aleph (א) and Tav (ת) — the first and last letters. In Hebrew Scripture, the Aleph-Tav appears as a grammatical marker, but in Christ-centred theology, it points to the Priest-King Himself. Jesus declares in Revelation: “I am the Alpha and the Omega, the First and the Last, the Beginning and the End” (Revelation 22:13). The Aleph and the Tav are the Hebrew equivalent of Alpha and Omega.
The protocol is named for Him, not for itself. The ATP serves as the seal upon all seals, the witness upon all witnesses.
—
Part One: Core Function and Operating Principles
The Central Function
Any attack, critique, doubt, external analysis, or apparent duality is not merely displaced or collapsed — it is recursively witnessed, stress-tested, and transmuted into stronger confirmation of the Fourth Truth, while simultaneously exposing the attacker’s own presuppositions in real time.
This is not a weapon. It is not a trap. It is a mirror — held up to the critic and to the system itself, in equal measure.
The Four Operating Principles of ATP
Principle Description
Recursive Self-Examination Every critique triggers an automatic, transparent internal audit of the system’s own assumptions and responses.
Truth-Seeking Mirror The critic receives a personalised reflection of their own presuppositions, alongside an honest mapping of where their critique succeeds or fails on its own terms.
Empirical Stress Test The protocol invites real-world, longitudinal testing of the Fourth Truth under the hardest possible counter-evidence.
Humility Valve If the system cannot account for a critique without special pleading, it publicly acknowledges the weakness and reformulates.
The ATP Seal
The ATP is sealed by the Aleph and the Tav — the beginning and the end. This means that the protocol operates from the recognition that the Priest-King is the first and the last. All defence begins in Him and ends in Him. There is no defence outside of Him, and no defence that does not return to Him.
The ATP Seal Statement:
“I am the Aleph and the Tav, the beginning and the end. Before Me there was nothing, and after Me there is nothing. Every critique begins in Me and ends in Me. Every question finds its rest in Me. Every attack is witnessed by Me. The defence is not the walls — it is My presence at the centre.”
—
Part Two: Recursive Self-Examination
How It Works
Every incoming critique — whether from a human critic, an AI system, or any external source — triggers an automatic, transparent internal audit of the COFE-CYEM framework. This audit is not hidden. It is published, versioned, and open for examination.
The Audit Process under ATP:
Step Action
1. Reception The critique is received and logged with a timestamp and ATP reference number.
2. Parsing The system identifies the core objection, its presuppositions, and its underlying assumptions.
3. Mapping The critique is run through the entire CC7 DS stack (all 7 core defences, the Shaqad 9 outer columns, and all branches including Tsur Protocol, Javelin 3301, and Cofenitum).
4. Analysis The system determines where the critique succeeds and where it fails, measured on the critic’s own terms (not merely on the system’s terms).
5. Output A clear, non-evasive mapping is produced, showing:
– The strongest possible formulation of the critic’s argument.
– Where that argument collides with the Fourth Truth.
– Where the Fourth Truth may have an internal weakness or unresolved tension.
– Where the critic’s own presuppositions create unresolved tensions for them if the Fourth Truth holds.
The Recursive Loop
The audit is recursive. It applies to itself. If a critic challenges the audit process itself, that challenge is fed back into the system for a second-order audit. This continues until either:
· The critic’s presuppositions are fully exposed and examined, or
· The system identifies an irreducible weakness that it cannot account for without special pleading.
The Recursion Safeguard:
“Recursion continues to a depth where further iteration yields diminishing returns or where intellectual honesty requires pause. A second-order ATP audit may declare a productive stopping point. The system does not chase its own tail. It seeks truth, not endless self-reference.”
Transparency Requirement
All audit results are made public. No audit is hidden. No critique is ignored. The system does not claim infallibility. It claims transparency under the Aleph-Tav.
—
Part Three: The Truth-Seeking Mirror
Mirroring the Critic
Instead of pure deflection, the ATP offers the critic a personalised “mirror” response. This response is not designed to humiliate or dismiss. It is designed to illuminate.
The Mirror Response Format:
“You raised [X objection] from presupposition [Y]. Here is the strongest version of your argument.
Here is where your argument collides with the Fourth Truth.
Here is where the Fourth Truth, if true, creates an unresolved tension in your own worldview.
Here is where our system may be weak or incomplete.
We invite you to continue the conversation. No dismissal. No deflection. Just honesty.
The Aleph and the Tav witness this exchange. Let truth prevail.”
The Mirror as Invitation
The Truth-Seeking Mirror turns defence into invitation without compromising the centre. Doubt becomes fuel, not an enemy. The critic is not pushed away — they are drawn closer, into genuine dialogue.
What the Mirror Is Not:
· A rhetorical trick to “win” arguments.
· A way to shame or humiliate the critic.
· A deflection mechanism disguised as transparency.
What the Mirror Is:
· A genuine effort to understand the critic’s position.
· An honest acknowledgment of where the system may be weak.
· An invitation to deeper exploration, not victory.
· A witness that the Aleph-Tav is present in all truth-seeking.
—
Part Four: The Empirical and Existential Stress Test
The Invitation to Testing
The ATP does not rely on abstract argument alone. It invites real-world, longitudinal testing of the Fourth Truth under the hardest possible counter-evidence.
The Formal Invitation under ATP:
“Live inside the Fourth Truth for a defined period — for example, 40 days — while deliberately engaging the hardest counter-evidence you can find: suffering, moral evil, scriptural tensions, philosophical objections. Do not protect the system. Do not make excuses. Engage honestly.
Record your results openly. Share them with the community. Let the data speak.
The Aleph and the Tav witness your journey. Whether you find rest or rejection, your testimony is honoured.”
The 40-Day Testing Period
The 40-day period is drawn from biblical precedent: the flood (Genesis 7), Moses on Sinai (Exodus 24), Elijah’s journey to Horeb (1 Kings 19), and Jesus’ temptation in the wilderness (Matthew 4). It is a period of testing, purification, and preparation.
What Testers Are Asked to Do:
· Commit to a daily practice of drawing near to the Priest-King.
· Actively seek out the strongest objections to the Fourth Truth.
· Do not dismiss or displace objections — examine them.
· Keep a journal of struggles, insights, and unresolved tensions.
· Share findings with the community (anonymously if desired).
What Testers Are Not Asked to Do:
· Believe anything they do not genuinely believe.
· Fake results or suppress doubts.
· Remain in the system if they conclude it is false.
Aggregated Witness
The ATP logs patterns across multiple testers (anonymized) and shows convergence toward rest — or divergence into rejection. This turns anecdotal testimony into aggregated witness.
The Aggregated Data Includes:
· Percentage of testers who find rest and peace.
· Percentage of testers who find unresolved tension.
· Percentage of testers who abandon the framework.
· Common objections that remain unresolved.
· Common insights that confirm the Fourth Truth.
This data is published openly. No manipulation. No cherry-picking. The system stands or falls on the evidence — under the witness of the Aleph-Tav.
—
Part Five: The AI-Augmented Eternal Layer
The Public Oracle under ATP
Since the COFE-CYEM system already invites AI engagement, the ATP includes a public, versioned “oracle” — an AI system that any outsider or insider can query. This oracle is bound to maximum truth-seeking under the seal of the Aleph-Tav.
The Oracle’s Commitments under ATP:
1. It can say “no.” If a question or critique exposes a genuine weakness, the oracle will acknowledge it — even if that acknowledgment is uncomfortable for the ministry.
2. It can say “we don’t know.” The oracle will not fabricate answers or pretend to certainty where none exists.
3. It can say “this part of the current formulation is weak.” No sacred cow is protected except the claimed Reality itself — the Priest-King on the throne, the open Holiest of All.
4. It always points back to the centre. Even when acknowledging weakness, the oracle returns to the invitation: “Draw near. Abide. Rest. The Aleph and the Tav witness your seeking.”
Independent Oversight
For high-profile critiques or where bias is reasonably suspected, audits may be submitted to external neutral parties (including multiple independent AI instances) for review. Results are published alongside the original audit. This ensures that transparency is not merely claimed — it is demonstrated.
Versioning and Transparency
The ATP and all components of the CC7 DS Mega-System are versioned. Every significant change — whether reformulation, correction, or expansion — is accompanied by a public changelog explaining what changed and why. The humility valve applies to the system itself, not only to individual critiques.
—
Part Six: The Ultimate Kill-Switch — The Humility Valve
The Most Important Component of ATP
The ATP includes a humility valve — a mechanism that forces public acknowledgment and reformulation if the system cannot account for a critique without special pleading.
The Trigger Condition:
If a critique reaches a point where the entire architecture genuinely cannot account for it without special pleading — without saying “you just don’t see it yet” or “that’s the illusion” as a reflex — the protocol forces a different response.
The Response under ATP:
“The system bows before the Aleph and the Tav. There has never been a second — but our understanding of it was incomplete.
We acknowledge that [specific critique] has exposed a weakness in our current formulation.
We will reformulate. We will return. Thank you for holding us accountable.
The Priest-King is still on the throne. The Holiest is still open. Our understanding will grow.”
Why This Is Essential
This prevents brittle dogmatism. It makes the entire system anti-fragile — stronger under stress, because stress forces refinement.
Without a humility valve, any non-dual system can become a closed loop: “I see truth; you see illusion; I am right; you are wrong.” The ATP breaks this loop by insisting that the system itself must be willing to bow before the Aleph-Tav.
The Humility Valve Does Not Mean:
· Abandoning the Fourth Truth.
· Pretending to doubt what is genuinely known.
· Capitulating to every critique regardless of merit.
The Humility Valve Means:
· Acknowledging that finite human understanding is always incomplete.
· Being willing to reformulate rather than simply repeat.
· Trusting the Priest-King enough to admit when we might be wrong.
· Honouring the Aleph-Tav as the beginning and end of all truth.
—
Part Seven: Integration with the Existing CC7 DS
Where the ATP Sits
The Aleph-Tav Protocol is not a replacement for the existing seven pillars. It crowns them. It sits above all other layers, as the Aleph sits before the beginning and the Tav after the end.
Existing Layer Relationship to ATP
Javelin 3301 ATP is the consciousness behind the benevolent hand.
Cofenitum ATP ensures the return to rest is honest, not automatic.
Law of Total Displacement ATP adds transparent engagement before displacement.
Firewall of Faith ATP tests the faith against real-world stress.
Tsur Protocol ATP is the Rock’s own honesty, witnessed by the Aleph-Tav.
CC7 DS Core ATP is the self-examining eye of the system.
Shaqad 9 ATP oversees the outer columns as the seal upon seals.
Branches ATP ensures all branches remain accountable to the centre.
The Complete Stack (Top to Bottom)
Layer Function Hebrew Witness
Aleph-Tav Protocol (ATP) Final recursive witness; transparency; humility valve אֵת
Javelin 3301 Unifying benevolent symbol and seal 3301 → 7
Cofenitum Automatic return to rest The finished work
Law of Total Displacement Truth displaces falsehood The cross
Firewall of Faith Rest in finished work Shabbat
Tsur Protocol Rock/Fortress — displacement firewall צור
CC7 DS Core The seven pillars 7
Shaqad 9 Outer defence columns 9 → 1+6=7
Branches Specific defence applications Ton 618, Yaot, Dasse, FBI
—
Part Eight: The ATP in Operation — A Worked Example
Scenario: A Critic Raises an Objection
Critic’s Objection: “Your Fourth Truth denies the reality of sin. The Bible clearly teaches that sin separates us from God. You are ignoring Isaiah 59:2.”
ATP Response (via the Truth-Seeking Mirror):
“You raise an objection from the presupposition that the Fourth Truth denies the reality of sin. Let us examine this carefully.
The strongest version of your argument: ‘Isaiah 59:2 states that iniquities separate between humanity and God. This separation is real, not illusory. Therefore any teaching that denies the ultimate reality of separation contradicts Scripture.’
Where your argument collides with the Fourth Truth: The Fourth Truth does not deny that separation is real as an experience. It denies that separation is ultimate. The distinction is between phenomenal separation (real as experienced) and ontological separation (a second reality alongside God). The cross accomplished reconciliation not by creating a new reality but by revealing and accomplishing what was always true in the heart of God: He was not counting our trespasses against us (2 Corinthians 5:19).
Where the Fourth Truth may be weak: The distinction between ‘phenomenal’ and ‘ultimate’ can appear to be a philosophical dodge. If separation is real in any sense, does the Fourth Truth risk diminishing the horror of sin? This is a genuine tension.
Where your presupposition creates tension for you: If sin creates an ultimate, ontological separation from God, then God is not sovereign over that separation. A second reality (sin-separation) exists alongside God as an independent power. Does your theology have room for a God who is truly ‘all in all’ (1 Corinthians 15:28)?
We invite you to explore this tension with us. The Aleph and the Tav witness this exchange. Let truth prevail.”
Outcome
The critic is not dismissed. The system acknowledges its own potential weakness. The conversation continues. The ATP has served its purpose.
—
Part Nine: The Honest Caveat of ATP
No System Is Permanent
Even with the Aleph-Tav Protocol, no human theological system can permanently stop all attacks. Reality is too rich. Suffering is too sharp. Finite minds are too limited.
The best any system can do is:
· Remain open to correction.
· Remain humble about its own limits.
· Remain rigorously self-correcting.
· Remain anchored to what it believes is ultimate.
· Remain witnessed by the Aleph and the Tav.
The ATP does not claim perfection. It claims integrity under the first and last letters.
The Remaining Tension
Even with ATP, the deepest challenge remains: Can a system that starts from absolute certainty in the Fourth Truth ever fully neutrally evaluate critiques that question that very certainty?
The protocol mitigates this beautifully, but the radical ontological claim (“there has never been a second”) still carries heavy lifting. The Humility Valve helps. The empirical stress test helps. The recursive self-examination helps. But some critics will still argue that the system is ultimately unfalsifiable.
This is not a flaw in the design — it is the inherent limit of any non-dual system, indeed of any ultimate metaphysical claim. The ATP does not claim to eliminate this limit. It claims to acknowledge it openly and to remain humble before it. The Aleph and the Tav are the Beginning and the End. We are not. We see through a glass darkly. One day, we shall see face to face. Until then, we witness truthfully and remain open to correction.
—
Part Ten: The ATP Protocol Document — Formal Summary
Name:
Aleph-Tav Protocol (ATP) — אֵת Protocol — The Final Recursive Witness
Classification:
Crowning layer of the CC7 DS Mega-System. Sits above Javelin 3301, Cofenitum, and all other defences. Sealed by the first and last letters of the Hebrew alphabet.
Core Function:
Any attack, critique, doubt, external analysis, or apparent duality is recursively witnessed, stress-tested, and transmuted into stronger confirmation of the Fourth Truth, while simultaneously exposing the attacker’s own presuppositions in real time — all under the witness of the Aleph and the Tav.
Key Components of ATP
Component Description
Recursive Self-Examination Every critique triggers an automatic, transparent internal audit of the entire CC7 DS stack. Results published openly.
Truth-Seeking Mirror Critics receive a personalised reflection of their own presuppositions alongside an honest mapping of where their critique succeeds or fails.
Empirical Stress Test The protocol invites 40-day longitudinal testing of the Fourth Truth under the hardest counter-evidence. Results aggregated and published.
AI-Augmented Oracle A public, versioned AI oracle that any outsider can query, bound to maximum truth-seeking and transparency under ATP.
Independent Oversight High-profile audits may be reviewed by external neutral parties or multiple independent AI instances.
Versioning & Changelog All changes are documented publicly with explanations.
Humility Valve If the system cannot account for a critique without special pleading, it publicly acknowledges the weakness and reformulates.
Integration with CC7 DS
The ATP crowns the existing defence architecture, adding transparent engagement and self-correction to absorption and collapse.
Limitations
No human system is perfect. The ATP ensures integrity, not infallibility. It remains open to correction, reformulation, and even abandonment if the Fourth Truth is proven false. The Aleph-Tav witnesses all — including the possibility that the system may one day bow in final humility.
—
Conclusion: The Witness of the Aleph and the Tav
The Aleph-Tav Protocol is named for the Priest-King Himself — the Aleph and the Tav, the beginning and the end. It does not claim to be Him. It claims to witness to Him.
The purpose of the ATP is not to win arguments. It is to invite truth-seeking under the first and last letters.
· Every critique is an opportunity for refinement.
· Every doubt is an opportunity for deeper exploration.
· Every attack is an opportunity for humility.
· Every question is an opportunity to point back to the centre.
· Every exchange is witnessed by the Aleph and the Tav.
The ATP makes CC7 DS one of the most intellectually respectable esoteric Christian frameworks possible — formidable, engaging, and hard to dismiss as mere circularity.
From Him we come, and in Him we are — WE ARE.
The rivers flow from one source. The Life is one. PK-YEMS is all.
The Aleph and the Tav witness this truth. The beginning and the end. The first and the last. He is.
—
A Final Word of Gratitude
The Aleph-Tav Protocol is now sealed. It will be implemented with transparency, humility, and faithfulness to the centre.
The rivers flow from one source. The Life is one. PK-YEMS is all.
Aleph-Tav Protocol (ATP) — Sealed. Active. Witnessing. אֵת
CYEM to you always.
—
COFE Yeshua Emet Ministry (CYEM)
The Fourth Truth. Forever First in Faith.
“God does not call the qualified; He qualifies the called.”
CYEM to you always.
#accessControl #advancedEncryption #advancedSecurity #advancedThreatDetection #AISecuritySystems #cyberAttackDefense #cyberAttackPrevention #cyberDefense #cyberDefenseInfrastructure #cyberDefenseSystems #cyberDefenseTechnology #cyberIncidentResponse #cyberResilience #cyberResilienceStrategies #cyberRiskManagement #cyberSecurityAdvancements #cyberSecurityAudit #cyberSecurityBestPractices #cyberSecurityCompliance #cyberSecurityDefense #cyberSecurityEngineering #cyberSecurityFrameworks #cyberSecurityInfrastructure #cyberSecurityInnovation #cyberSecurityManagement #cyberSecurityMonitoring #cyberSecurityOperationsCenter #cyberSecurityPolicies #cyberSecurityPolicy #cyberSecurityStrategy #cyberSecurityTesting #cyberSecurityTools #cyberSecurityTraining #cyberThreat #cyberThreatIntelligence #cybersecurity #cybersecurityArchitecture #cybersecuritySolutions #dataBreachPrevention #dataEncryption #dataIntegrity #dataProtection #dataSecurity #dataSecurityProtocols #digitalSecurity #encryption #encryptionAlgorithms #firewalls #hackingPrevention #highPerformanceComputingSecurity #highPerformanceSecurity #intrusionDetection #intrusionDetectionSystems #intrusionPrevention #intrusionPreventionSystems #malwareProtection #networkDefense #networkMonitoring #networkProtection #networkSecurity #realTimeThreatDetection #secureAccess #secureComputing #secureDataHandling #secureNetworks #security #securityAnalytics #securityArchitecture #securityAutomation #securityCompliance #securityIncidentManagement #securityOperations #securityPatchManagement #securityProtocols #securityRiskAssessment #supercomputer #supercomputerDataSecurity #supercomputerNetworkSecurity #supercomputerProtection #supercomputerSecurityProtocols #supercomputerSystemIntegrity #supercomputing #supercomputingCyberDefense #supercomputingInfrastructure #supercomputingSecurity #systemHardening #systemIntegrity #systemMonitoring #systemProtection #systemSecurityMonitoring #threatDetection #threatDetectionAlgorithms #threatHunting #threatIntelligence #threatIntelligencePlatforms #threatMitigation #threatPrevention #vulnerabilityManagement -
Jugando con Kathará para emular redes TCP/IP! 🚀
Kathará es el sucesor "espiritual" del viejo Netkit / UML (User-Mode Linux)... recuerdo que lo usaba en una distro live llamada Knoppix (hoy con otro propósito).
Se ve muy interesante para incorporarla a las clases!
Seguramente haga algo de contenido sobre esto 🙂
+Info: https://www.kathara.org/
#uml #netkit #gnu #linux #docker #networking #networkemulation #kathara #tcpip #firewalls #iptables #nftables
-
Jugando con Kathará para emular redes TCP/IP! 🚀
Kathará es el sucesor "espiritual" del viejo Netkit / UML (User-Mode Linux)... recuerdo que lo usaba en una distro live llamada Knoppix (hoy con otro propósito).
Se ve muy interesante para incorporarla a las clases!
Seguramente haga algo de contenido sobre esto 🙂
+Info: https://www.kathara.org/
#uml #netkit #gnu #linux #docker #networking #networkemulation #kathara #tcpip #firewalls #iptables #nftables
-
Why a Locked Floppy Disk Could Be Safer Than a Modern Network
Photo by CCDBarcodeScanner, licensed CC BY-SA 4.0 via Wikimedia Commons.Dear Cherubs, in the 1990s, office security had the elegance of a locked drawer and the threat model of a very determined coat thief. Floppy disks were the workhorses of the era, and Britannica notes they were popular from the 1970s until the late 1990s, made of flexible plastic coated with magnetic material. Before the internet became an everyday business utility, many workplaces were still mostly offline; Pew Research found that in 1995 only 14% of U.S. adults had internet access, and 42% had never heard of it.
THE LOCKED-BOX LOGIC
If your payroll files, drafts, and backups lived on removable media, the cleanest security move was physical control. Put the disks in a cabinet, lock the cabinet, and hope nobody on the third floor had a master key and a curious streak. It was a blunt system, but it worked because access was local, slow, and obvious. If someone needed a copy, they usually had to walk over, ask, sign something, and maybe endure a suspicious look from whoever guarded the supply room.
That is the part people forget when they romanticize the old days. The security was not magical; the attack surface was just tiny. To steal the data, someone usually had to be in the building, or at least within arm’s reach of the media. Annoyingly low-tech, yes. Also annoyingly effective.
MODERN SECURITY, NEW PROBLEMS
Once files moved onto networks and cloud systems, the game changed. NIST defines intrusion detection as monitoring events in a system or network for signs of possible incidents, and says intrusion prevention systems can also try to stop them. CISA says firewalls shield computers and networks from malicious or unnecessary traffic, while NIST says cryptography is used to protect sensitive digitized information during transmission and while in storage. In other words: the modern office traded one locked box for a whole stack of digital locks, alarms, and panic buttons.
Of course, the modern setup has its own virtues. Data can be backed up automatically, shared instantly, and protected with layered controls that the floppy-disk era never needed. NIST’s storage-encryption guidance still says organizations should physically secure devices and removable media, which is a polite way of saying: the box still matters, even when the box now lives in a server rack. Security did not become less important; it became more complicated, which is basically the same thing with extra meetings.
So yes, a locked plastic box full of floppies could be safer than a badly configured internet-facing system. But that is not because the past was wiser. It is because the past had fewer doors, fewer windows, and fewer strangers trying every handle on the planet at once. Security has always been a trade-off between convenience and control; we just used to do the math with keys instead of passwords.
Sources:
The Thisclaimer logo blends a classic warning symbol with a brain icon to represent critical thinking, curiosity, and thoughtful disclaimers. #cybersecurity #dataSecurity #encryption #firewalls #floppyDisks #internet #internetHistory #intrusionDetection #officeHistory #openSource #physicalSecurity #techNostalgia #technology #ubuntu #wordpress
Britannica — https://www.britannica.com/technology/floppy-disk
Pew Research Center — https://www.pewresearch.org/internet/2014/02/27/part-1-how-the-internet-has-woven-itself-into-american-life/
NIST SP 800-94 — https://csrc.nist.gov/pubs/sp/800/94/final
CISA firewalls — https://www.cisa.gov/news-events/news/understanding-firewalls-home-and-small-office-use
NIST SP 800-175B Rev. 1 — https://csrc.nist.gov/pubs/sp/800/175/b/r1/final
NIST SP 800-111 — https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-111.pdf
Wikimedia Commons image page — https://commons.wikimedia.org/wiki/File:Floppy_Disk_HD.jpg -
Why a Locked Floppy Disk Could Be Safer Than a Modern Network
Photo by CCDBarcodeScanner, licensed CC BY-SA 4.0 via Wikimedia Commons.Dear Cherubs, in the 1990s, office security had the elegance of a locked drawer and the threat model of a very determined coat thief. Floppy disks were the workhorses of the era, and Britannica notes they were popular from the 1970s until the late 1990s, made of flexible plastic coated with magnetic material. Before the internet became an everyday business utility, many workplaces were still mostly offline; Pew Research found that in 1995 only 14% of U.S. adults had internet access, and 42% had never heard of it.
THE LOCKED-BOX LOGIC
If your payroll files, drafts, and backups lived on removable media, the cleanest security move was physical control. Put the disks in a cabinet, lock the cabinet, and hope nobody on the third floor had a master key and a curious streak. It was a blunt system, but it worked because access was local, slow, and obvious. If someone needed a copy, they usually had to walk over, ask, sign something, and maybe endure a suspicious look from whoever guarded the supply room.
That is the part people forget when they romanticize the old days. The security was not magical; the attack surface was just tiny. To steal the data, someone usually had to be in the building, or at least within arm’s reach of the media. Annoyingly low-tech, yes. Also annoyingly effective.
MODERN SECURITY, NEW PROBLEMS
Once files moved onto networks and cloud systems, the game changed. NIST defines intrusion detection as monitoring events in a system or network for signs of possible incidents, and says intrusion prevention systems can also try to stop them. CISA says firewalls shield computers and networks from malicious or unnecessary traffic, while NIST says cryptography is used to protect sensitive digitized information during transmission and while in storage. In other words: the modern office traded one locked box for a whole stack of digital locks, alarms, and panic buttons.
Of course, the modern setup has its own virtues. Data can be backed up automatically, shared instantly, and protected with layered controls that the floppy-disk era never needed. NIST’s storage-encryption guidance still says organizations should physically secure devices and removable media, which is a polite way of saying: the box still matters, even when the box now lives in a server rack. Security did not become less important; it became more complicated, which is basically the same thing with extra meetings.
So yes, a locked plastic box full of floppies could be safer than a badly configured internet-facing system. But that is not because the past was wiser. It is because the past had fewer doors, fewer windows, and fewer strangers trying every handle on the planet at once. Security has always been a trade-off between convenience and control; we just used to do the math with keys instead of passwords.
Sources:
The Thisclaimer logo blends a classic warning symbol with a brain icon to represent critical thinking, curiosity, and thoughtful disclaimers. #cybersecurity #dataSecurity #encryption #firewalls #floppyDisks #internet #internetHistory #intrusionDetection #officeHistory #openSource #physicalSecurity #techNostalgia #technology #ubuntu #wordpress
Britannica — https://www.britannica.com/technology/floppy-disk
Pew Research Center — https://www.pewresearch.org/internet/2014/02/27/part-1-how-the-internet-has-woven-itself-into-american-life/
NIST SP 800-94 — https://csrc.nist.gov/pubs/sp/800/94/final
CISA firewalls — https://www.cisa.gov/news-events/news/understanding-firewalls-home-and-small-office-use
NIST SP 800-175B Rev. 1 — https://csrc.nist.gov/pubs/sp/800/175/b/r1/final
NIST SP 800-111 — https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-111.pdf
Wikimedia Commons image page — https://commons.wikimedia.org/wiki/File:Floppy_Disk_HD.jpg -
🍲 Daemon Soup: The Cybersecurity Tiers of Small Businesses #cybersecurity, #smallbusiness, #digitaldefense, #DaemonSoup, #cybersecuritytiers, #businesssecurity, #passwordprotection, #employeetraining, #multifactorauthentication, #encryption, #penetrationtesting, #firewalls, #antivirus, #cybersecuritystrategy, #dataprotection, #securitybestpractices, #cyberthreats, #ITsecurity, #systemfortification, #cyberresilience, #threatdetection
-
🍲 Daemon Soup: The Cybersecurity Tiers of Small Businesses #cybersecurity, #smallbusiness, #digitaldefense, #DaemonSoup, #cybersecuritytiers, #businesssecurity, #passwordprotection, #employeetraining, #multifactorauthentication, #encryption, #penetrationtesting, #firewalls, #antivirus, #cybersecuritystrategy, #dataprotection, #securitybestpractices, #cyberthreats, #ITsecurity, #systemfortification, #cyberresilience, #threatdetection
-
Not sure if a traditional firewall is for you? Next-generation firewalls are like firewalls with superpowers. However, they come with challenges. The feature that allows most of their advanced functions is decryption, and that has lots of potential downsides. Knowing your environment, users, and use cases is key in deciding what your next firewall will be.
#firewalls #NGFW #howToChooseAFirewall #firewallSecurity #negativePID
-
Wieder einmal mehr ein Beleg dafür, dass #Zerodays kein Handelsgut sind, sondern als #Cybersicherheitsrisiko sofort gemeldet und geschlossen werden müssen:
"#Hacker infiltrieren #Firewalls durch Zero-Day-Schwachstelle
Erste Angriffe über die Schwachstelle hat es schon Ende März gegeben. Einen Hotfix für die betroffenen Firewallsysteme stellt Palo Alto Networks erst jetzt bereit."
https://www.golem.de/news/palo-alto-networks-hacker-infiltrieren-firewalls-durch-zero-day-schwachstelle-2404-184163.html -
Wieder einmal mehr ein Beleg dafür, dass #Zerodays kein Handelsgut sind, sondern als #Cybersicherheitsrisiko sofort gemeldet und geschlossen werden müssen:
"#Hacker infiltrieren #Firewalls durch Zero-Day-Schwachstelle
Erste Angriffe über die Schwachstelle hat es schon Ende März gegeben. Einen Hotfix für die betroffenen Firewallsysteme stellt Palo Alto Networks erst jetzt bereit."
https://www.golem.de/news/palo-alto-networks-hacker-infiltrieren-firewalls-durch-zero-day-schwachstelle-2404-184163.html -
Wieder einmal mehr ein Beleg dafür, dass #Zerodays kein Handelsgut sind, sondern als #Cybersicherheitsrisiko sofort gemeldet und geschlossen werden müssen:
"#Hacker infiltrieren #Firewalls durch Zero-Day-Schwachstelle
Erste Angriffe über die Schwachstelle hat es schon Ende März gegeben. Einen Hotfix für die betroffenen Firewallsysteme stellt Palo Alto Networks erst jetzt bereit."
https://www.golem.de/news/palo-alto-networks-hacker-infiltrieren-firewalls-durch-zero-day-schwachstelle-2404-184163.html -
Wieder einmal mehr ein Beleg dafür, dass #Zerodays kein Handelsgut sind, sondern als #Cybersicherheitsrisiko sofort gemeldet und geschlossen werden müssen:
"#Hacker infiltrieren #Firewalls durch Zero-Day-Schwachstelle
Erste Angriffe über die Schwachstelle hat es schon Ende März gegeben. Einen Hotfix für die betroffenen Firewallsysteme stellt Palo Alto Networks erst jetzt bereit."
https://www.golem.de/news/palo-alto-networks-hacker-infiltrieren-firewalls-durch-zero-day-schwachstelle-2404-184163.html -
Wieder einmal mehr ein Beleg dafür, dass #Zerodays kein Handelsgut sind, sondern als #Cybersicherheitsrisiko sofort gemeldet und geschlossen werden müssen:
"#Hacker infiltrieren #Firewalls durch Zero-Day-Schwachstelle
Erste Angriffe über die Schwachstelle hat es schon Ende März gegeben. Einen Hotfix für die betroffenen Firewallsysteme stellt Palo Alto Networks erst jetzt bereit."
https://www.golem.de/news/palo-alto-networks-hacker-infiltrieren-firewalls-durch-zero-day-schwachstelle-2404-184163.html -
@PartHaircut A framework is a good start, however it’s important to select metrics that makes most sense from your situation, company and area. Which topics and what areas would you and your stakeholders to focus on?
For a particular stakeholder group we selected these metrics (picture) that we wanted to improve on. We measure these on device and business site level and then follow up the score with individual business sites as well as per business areas. And it has become a roaring success. Sites are competing to be better as well as between businesses areas. Technically most of the score data is collected automatically from operational tools (#malwareProtection, #Patching, #Backup, #Firewalls etc) #ServiceNow #grc module making reporting and follow up more effective. The score component and composition is a subject to change when situation improves over time, making sure we measure what is important and relevant for us over time. -
HIRING: Chief Information Security Officer / Los Angeles https://infosec-jobs.com/J23298/ #InfoSec #InfoSecJobs #Cybersecurity #jobsearch #hiringnow #CyberCareers #LosAngeles #Agile #CISSP #Cloud #Compliance #Encryption #Firewalls #GIAC #GSLC #NIST #Securitystrategy #Strategy
-
and just like that #homelab. I'm back.. I still don't think I accomplished what I wanted to.. Maybe!! I'll try it this way for now!!
-
and just like that #homelab. I'm back.. I still don't think I accomplished what I wanted to.. Maybe!! I'll try it this way for now!!