One of the most frequently asked questions during IT interviews is, “What happens when you try to access google.com in your browser?” It’s a fantastic question that allows you to demonstrate a wide variety of technical understanding. There are so many different layers involved: HTTP, DNS, TCP/IP networking, caching, load balancing, and browser details (autocomplete, tracking, memory management, etc). This is my attempt at…
Category: Information Technology
Phishing is phishing
E-mail phishing. Spear phishing. Whaling. Pharming. Smishing. Vishing. What’s next? Slishing (on Slack)? Dishing (over Discord)? Wishing (via Webex)? Kishing (through a Sean Connery themed dating site)? Creating a new verb for every attack vector is a sure-fire way to overwhelm users to the point of not caring. It’s true that we as #cybersecurity professionals find it useful to articulate the various categories, but…
Multi-threaded Port Scanner
One of the core functions performed during network reconnaissance is identifying open ports on a target host. There exist hundreds of tools that can scan for open ports, but the fundamental idea of a port scanner is attempting to establish a socket connection. If the connection is successful, that port is open. If not, no services exist there or the host is otherwise rejecting…
Two-Step Verification vs. Multi-Factor Authentication
Google recently announced that they have seen a 50% decrease in account compromises since auto-enrolling users in 2-Step Verification (2SV) in late 2021. This is great news from a cybersecurity stand-point. However, it’s worth noting that two-step verification is less secure than proper multi-factor authentication (MFA). To understand the difference between 2SV and MFA, consider the following authentication factors: Something you know (usernames, passwords)…
Recovering from Tech Burnout
At the beginning of the pandemic, I had already been feeling burned out for almost a year. In the previous summer of 2019, I had just finished an intense Computer Science degree program. During the previous 2 years, I had been working a part-time job (as a software/IT engineer) while studying computer science and performing undergraduate research. I was putting in 80+ hours a…
Introduction to REST architecture
This article is a brief introduction to the REpresentational State Transfer (REST) architecture. It is intended for aspiring/junior software developers and other technical professionals who would like to have a better understanding of REST. Representational State Transfer is a system architectural style enabling the creation and utilization of web services. Services compatible with REST are referred to as “RESTful.” This is common among microservices,…
Agile & Scrum for Newbies
Agile is a framework for methodologies that follow the Agile manifesto. One of the most common Agile methodologies in use is Scrum. It’s a really effective and flexible approach that focuses on building fully functional things within a short amount of time. It really shortens the feedback loop! I ended up adapting it for my own life management because of how well it meshes…