CompTIA is a good start. You can go with RHCE if you are feeling tough.

---
Dustin Puryear, Founder & Technology Strategist
From: General [mailto:general-boun...@brlug.net] On Behalf Of Devin Quebodeaux
Sent: Monday, April 4, 2016 11:00 AM
To: general@brlug.net
Subject: Re: [brlug-general] Ransomware - Was: RE: Anybody have a all-in-1 PC 
that I can hang from a wall?

Hi guys,

I'm thinking about getting a Linux and security cert. Would CompTIA security and 
Linux plus be the best to start with?
Also, do you guys ever get together as a group?

On Monday, April 4, 2016 5:02 AM, Edmund Cramp <e...@motion-labs.com> wrote:

> Would you care to share without giving away the store a broad definition of a 
> locked-down network?

I’ll post our setup for comment:

Our first line of defense is the firewall – which, from the outside, is drop 
all by default with only the ports needed for specific services open - and 
those ports only go to the machines that need them.

The second line is the mail server – everything goes through the AV filter 
(Kaspersky), obvious infections are refused at the mail server and anything 
that gets past the AV filter is then content filtered – all mail with a .exe, 
.src, .docx, .xls, .xlsx, .bat, html attachment etc (the list is long), or a zip 
file that is password protected is quarantined.  Anything that gets through 
both the AV and content filter goes through Spam Assassin before it reaches the 
user's mailbox.

The third line of defense is that NOBODY has default administrative privileges 
on any Windows PC and all PCs are patched up to date and run Windows Defender.

And finally – Smart Users who are very skeptical of social engineering, “Hi 
Jane, this is Ben. I need to transfer money to a customer ASAP to seal this 
deal, what’s the Wire Transfer password” and sudden emails from friends with a 
one line hyperlink.

So that’s the defense but it’s not “locked down” by my book – these are the 
weaknesses that I see in our network:

1.       PDF files are allowed into the network – these are not a huge threat 
at the moment, I hear stories of spear phishing with PDFs but I don’t think we 
rate that high in anyone’s interest.
2.       Javascript – I try to keep this off the systems but so many things use 
it that we install it on demand and try to remember to remove it afterwards.
3.       Flash – Again, remove on sight but sometimes it has to come back for 
one web site or another.
4.       Drive by (ad network based) infections – all PCs have three browsers 
installed, Firefox with AdBlockPlus and NoScript for default and general use, 
Chrome for when you want to access a site without ABP and NS, and Internet 
Explorer for anonymous use (no history, no cookies, everything deleted on exit).

Backups currently work like this but I’m thinking about changing this in light 
of the ransomware threat:

The main NAS is backed up off-site in real-time.
A daily backup of the NAS is pulled via Rsync to another machine every night at 
midnight with each day stored separately for 5 days of history.

Regards,
Edmund Cramp

--
"HTML's a cheap whore. Treating her with respect is possible, and even 
preferable, because once upon a time she was a beautiful and virginal format, 
but you shouldn't expect too much of her at this point."


_______________________________________________
General mailing list
General@brlug.net
http://brlug.net/mailman/listinfo/general_brlug.net
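
The content-filter stage described in Edmund's message (quarantine by attachment extension, and quarantine of password-protected zips), as an added Python example that is not part of the thread and not the configuration of his mail server. All function names and sample messages are constructed for illustration; it goes one step beyond the post by also checking the names of files inside readable zips, and it fails closed on archives it cannot parse.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED_EXT = (".exe", ".src", ".docx", ".xls", ".xlsx", ".bat", ".html")  # from the post; its real list is longer

def zip_verdict(data):
    """Return a quarantine reason for a zip payload, or None if it may pass."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.flag_bits & 0x1:          # bit 0 set = member is encrypted
                    return "password-protected zip"
                if info.filename.lower().endswith(BLOCKED_EXT):
                    return "blocked type inside zip: " + info.filename
    except zipfile.BadZipFile:
        return "unreadable zip"                   # cannot inspect, so fail closed
    return None

def quarantine_reasons(raw):
    """Apply the content-filter stage to one raw RFC 5322 message (bytes)."""
    msg = message_from_bytes(raw, policy=policy.default)
    reasons = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        if name.endswith(BLOCKED_EXT):
            reasons.append("blocked type: " + name)
        elif name.endswith(".zip") and (why := zip_verdict(part.get_payload(decode=True))):
            reasons.append(why)
    return reasons                                # empty list = pass to the spam stage

def sample_message(filename, payload):
    """Constructed input: a short mail carrying one attachment."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", "invoice"
    msg.set_content("see attached")
    msg.add_attachment(payload, maintype="application", subtype="octet-stream", filename=filename)
    return msg.as_bytes()

def sample_zip(member, encrypted=False):
    """Constructed zip; 'encrypted' only sets the flag bit in the central directory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, b"constructed sample data")
    data = bytearray(buf.getvalue())
    if encrypted:
        data[data.find(b"PK\x01\x02") + 8] |= 0x1   # general-purpose flags, bit 0
    return bytes(data)
```

The extension check only looks at the declared filename, so it complements the AV stage rather than replacing it.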
