Author: venkat

Venkat is founder of FlexibleIR. He brings 20 years of experience in building tools and products at Sun Microsystems, Intel, Novell, HP, Yahoo,Tesco and startups. He has developed test suites and frameworks for post silicon validation of the Xeon processor family (Fuzzing). He has worked deeply on UFS files system at SUN Microsystem. Was a security paranoid at Yahoo.
Cloud General Network Operations SCADA Uncategorized
April 9, 2020

Playbook for Failed SSH login

Brute-force and dictionary attacks against remote services such as SSH, are one of the Top-20 most common forms of attack on the Internet that compromise servers. In particular, Unix-based and Mac OS X servers that run an SSH service to allow administrators secure remote connections are at risk. Playbook Mitigation Disable root access – It is a good security practice to disable logins via SSH […]

Cloud Network Operations
April 9, 2020

Playbook for DDoS

Attacking or defending against DDoS attacks is very expensive and skill/time intensive. Companies have huge, multi redundant pipes. One of the main reason individuals or syndicates DDOS is to blackmail companies. If short on time directly jump to the playbooks section. Please note that DDoS attacks can be rapidly morphing or changing with multiple attack vectors and changing within minutes. The attacker could immediately change […]

Web
April 9, 2020

Playbook for website defacement

Government websites hacked and vandalized is a very common observed threat. The defacement can happen for any website. What are the best practices to remediate when under attack?.

General Incident Response
April 6, 2020

Playbook for Phishing

If short on time directly jump to the playbooks section. Summary Any attempt to compromise a system and/or steal information by tricking a user into responding to a malicious message. The most common phishing attacks involve emails armed with malware hidden in attachments or links to infected websites, although phishing can be conducted via other methods such as voicemail, text messages, and social media, too. […]