Host-based Firewall to Validate Network Firewall
Another way to watch the watchers and understand potential supply chain attacks
This post is part of a series on an adventure to connect a PFSense firewall and a Ubiquiti Dream Machine Pro. See the bottom of the post for all the posts in this series. This is one of my posts on Network Security.
I mentioned in the previous post on first impressions using a Ubiquiti UDM Pro, that I got to the location setting and the page just spun, and nothing ever showed up. I speculated it was because the UI was trying to reach out to some third-party domain that was not allowed by my firewall configuration, which is specifically set up to only allow the UDM Pro to reach out to domains I’ve added in the configuration.
I explained how I reverse-engineered what domains the device contacts in a prior post. I also explained how I set up an alias in PFSense to only allow the domains I had specifically investigated and allowed. Apparently, the location page reaches out to something other than what I had already allowed so it’s just spinning and what I presume should be a map never shows up.
I could have determined which domain the UI was using the same way I did in my last post. I also could have looked at the browser development tools settings to see what domain was failing.

From there, click on Console to see what is being blocked. In this particular case, it appears that Medium is blocking a domain it’s trying to load (Google Analytics) through its own Content Security Policy. There’s also a failure to load another URL on csp.medium.com with a 522 HTTP error. I’m not blocking either of those things, so it looks like Medium has a few misconfigurations they might want to look into. However, if I were blocking something, it would also show up here as a failure to connect.

Those mechanisms only detect, after the fact, that a domain name was blocked. They won’t block an unexpected domain name, and they won’t let you review and allow or disallow it as a page opens or a connection is made. It could be quite annoying to inspect every connection, but if you are a security researcher geek like me, that’s just something you like to do. I like to see what’s connecting to what.
One way to make sure your network-based firewall is working is to run a host-based firewall on top of that. A host-based firewall will allow you to inspect connections your machine makes. I was running my host-based firewall when the locations page on the Ubiquiti Dream Machine Pro failed to load, and this connection popped up. Now I know that the UI is trying to get to api.mapbox.com. Even if I allowed this API connection here on my host, the connection would later be blocked when it reaches the PFSense.

As I mentioned in my last post, all connections are allowed by default in the Ubiquiti device, so that wouldn’t have blocked anything. I haven’t tried out the Ubiquiti firewall to see if and how it would behave with regard to the connections required for the UI to function properly.
If you are using macOS, you can use Little Snitch to monitor your network connections.
If you are running a Windows machine, you can use Windows Defender Firewall.
If you are on Linux, use iptables.
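Added example, not from the original post: a POSIX shell script that builds an iptables ruleset implementing the Linux version of the approach above, allowing outbound connections only to an allowlist and logging every other new connection with a HOSTFW-DENY: prefix so the unexpected destinations can be reviewed in the kernel log (journalctl -k). The resolver address, hostnames and IPs are placeholders I made up; iptables-restore, the conntrack and comment matches, and the LOG and REJECT targets are standard iptables features.

```shell
#!/bin/sh
# Host-based outbound allowlist for iptables (added example; constructed values).
# Generates iptables-restore input for the filter table: default-deny OUTPUT,
# allow loopback, established traffic, DNS to one trusted resolver, and the
# allowlisted destinations; log and reject everything else.
# Apply with:  build_ruleset RESOLVER entry... | sudo iptables-restore
# Review the generated text first: a wrong list cuts the host off the network.

rule() { printf '%s\n' "$*"; }

# Resolve one allowlist entry to IPv4 addresses. IP literals and CIDRs pass
# through unchanged; anything containing other characters is treated as a
# hostname and looked up with getent (assumes a working resolver).
resolve_entry() {
    case "$1" in
        *[!0-9./]*) getent ahostsv4 "$1" | awk '{print $1}' | sort -u ;;
        *)          printf '%s\n' "$1" ;;
    esac
}

# Usage: build_ruleset DNS_SERVER entry [entry ...]
build_ruleset() {
    dns="$1"; shift
    rule '*filter'
    rule ':OUTPUT DROP [0:0]'
    rule '-A OUTPUT -o lo -j ACCEPT'
    rule '-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # DNS only to the resolver we trust, so lookups cannot bypass the list.
    rule "-A OUTPUT -d $dns -p udp --dport 53 -j ACCEPT"
    rule "-A OUTPUT -d $dns -p tcp --dport 53 -j ACCEPT"
    for entry in "$@"; do
        for ip in $(resolve_entry "$entry"); do
            # The comment keeps the original entry visible in iptables -L output.
            rule "-A OUTPUT -d $ip -m comment --comment \"$entry\" -j ACCEPT"
        done
    done
    # Log new connections to anything else (rate limited), then reject them.
    rule '-A OUTPUT -m conntrack --ctstate NEW -m limit --limit 10/min' \
         '-j LOG --log-prefix "HOSTFW-DENY: " --log-level 4'
    rule '-A OUTPUT -j REJECT --reject-with icmp-admin-prohibited'
    rule 'COMMIT'
}

# Number of ACCEPT rules the list produces; a quick sanity check before applying.
count_allow_rules() {
    build_ruleset "$@" | grep -c -- '-j ACCEPT'
}
```

After loading the rules, `journalctl -k | grep HOSTFW-DENY` lists each destination the host tried to reach that was not on the list, which is exactly the kind of entry that would otherwise only surface as a silently spinning page.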
I will need to research this API a bit more, along with some others I’ve found while using the product. However, as I mentioned, dynamically including third-party code in a production environment can be dangerous. I explained in a prior blog post how and why hosting components and code on your own systems whenever possible is safer.
Now, not only do you need to worry about a security problem at Ubiquiti, you’ll also have to monitor for security problems at Mapbox. That is the basis of a supply chain attack: a third-party component used to build a product has a security problem, and every product that pulls in that component inherits it. Something to be aware of whenever you are using code and products, and especially network appliances.
Teri Radichel | © 2nd Sight Lab 2022
