Thursday, July 9, 2015

VPN Error 691

Recently I've been having some issues with our VPN - every time I try to connect from home, I get an error 691 - 'Access denied because username and/or password is invalid on the domain'.

When I check the VPN logs, this error pops up as the connection is refused:
...vpn 0x01E=691 R=1...

We use a mobile One Time Password (mOTP) app to provide two-factor authentication, so I checked the secret, the pin and the time all match up on the VPN device and my laptop / phone - all looked good.

After much messing around I've managed to work out that the mobile phone is running about 40 seconds ahead of the VPN device - even though they're both pointing to Internet NTP servers... 40 seconds shouldn't make a difference, should it? Well it does. If I wait until the last 10 seconds of the current valid mOTP password and then connect, no problem. If I use a newly generated mOTP password, then it's a no-go.

So... 40 seconds makes a big difference in the world of VPNs!
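As an added illustration (not from the original post and not the VPN vendor's code), the sketch below models how a time-based verifier's acceptance window interacts with clock skew, assuming the standard Mobile-OTP construction: the first six hex digits of MD5 over the 10-second epoch counter, the secret and the PIN. The secret, PIN, window sizes and function names are constructed for the example; the post does not state the VPN device's actual window.

```python
import hashlib
import hmac

STEP = 10  # Mobile-OTP counter granularity, in seconds


def motp(secret: str, pin: str, counter: int) -> str:
    """First 6 hex digits of MD5(counter || secret || pin)."""
    data = f"{counter}{secret}{pin}".encode()
    return hashlib.md5(data).hexdigest()[:6]


def verify(token, secret, pin, server_epoch, back_s=180, fwd_s=30):
    """Return the token clock's offset from the server in seconds, or None.

    back_s / fwd_s are how far behind / ahead of the server clock a token
    may be and still be accepted (hypothetical values, not the VPN's).
    """
    base = server_epoch // STEP
    for off in range(-(back_s // STEP), fwd_s // STEP + 1):
        candidate = motp(secret, pin, base + off)
        # Constant-time comparison of the candidate against the submitted token
        if hmac.compare_digest(candidate, token):
            return off * STEP
    return None


if __name__ == "__main__":
    # Constructed sample values
    secret, pin = "0123456789abcdef", "1234"
    server_now = 1436400000        # server clock (epoch seconds)
    phone_now = server_now + 40    # phone runs 40 s ahead of the server
    token = motp(secret, pin, phone_now // STEP)

    # Fresh token: 40 s in the server's future, outside the 30 s forward window
    print(verify(token, secret, pin, server_now))
    # Same token submitted 10 s later: now only 30 s ahead, so it is accepted
    print(verify(token, secret, pin, server_now + 10))
    # Wider forward window: accepted immediately, and the skew is reported
    print(verify(token, secret, pin, server_now, fwd_s=60))
```

Running `verify` with a deliberately wide window against a rejected token is a quick way to measure the skew before deciding whether to fix time synchronisation or adjust the tolerance.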


Wednesday, July 8, 2015

CISSP

I've spent the last 10 years of my IT career working in and around Infrastructure, and everything else IT that doesn't get bundled with app development and testing. One area I've slowly been gravitating towards has been Information Security and luckily I've been able to make sure I get plenty of experience in this area over the last 6 years or so.

We recently underwent a Data Safeguard Audit and I was able to use this as an excuse to kick off a body of work to review the entire security for our organisation. In the end, we did pass the audit but not after some seriously hard graft by implementing an ISMS according to the Gospel of ISO27001.

On the back of this I've convinced the powers that be to fund my (remote) attendance at a CISSP review and exam prep course (of course no funds available for transport or accommodation). The course is less than £1,000 which is either great value or I'll get what we've paid for (I do hope it's the former). 

SO... I thought I'd share my experience of attempting to gain the CISSP qualification. I've been told it's not easy and requires some serious commitment - along with the stringent background checks to make sure you have your 5 years' experience in IT security.

I plan to read the Shon Harris CISSP Exam Guide (4th Ed.) and possibly the Official Guide to CISSP CBK (4th Ed.) over the coming weeks; (remotely) attend the CISSP Certification Exam prep course; create flash cards and post-its for all facts I'm not 100% on; download some study MP3s for the car and mobile; videos for my lunch breaks, evenings and weekends; and attend a CISSP study group once a week for 2 hours. All this without sacrificing too much of my social life?! I guess that will have to wait to be seen...

I'll keep the updates coming over the next few months - I am aiming to complete the exam within 3 months from now, so beginning of October if all goes to plan. I'll keep it to my personal experience - what works for me, what doesn't work, good resources, bad resources, etc., and feel free to let me know of any tips, tricks or useful links in the comments!