IP/MAC Scanner from Linux Command Line?

I use IP Scanners all the time.  Angry IP and IP Scanner Pro are great GUI applications for Windows, OS X, and Linux.  But what if you’re only option is a linux command line?  NMAP is here to the rescue!

If you want to scan an IP range for MAC and IP Addresses that are up, here is the command:

NMAP Example:


Enable FTP Server in Mac OS X El Capitan

There’s no need to download an FTP server with OS X El Capitan.  Apple has embedded an FTP server than you can turn on easily!




P.S.  FTP is insecure, but sometimes you can’t avoid it!

iPhone WiFi Calling not working

WiFi calling on the iPhone is awesome when it works…. But sometimes it doesn’t work.  Here are some steps to try to resolve WiFi Calling not working.


  • WiFi calling calls fail
  • Battery Drain
  • Incoming calls aren’t ringing
  • Incoming callers can’t hear you
  • iPhone gets warm when on WiFi
  • iPhone switches between WiFi carrier and regular carrier (T-Mobile to T-Mobile WiFi)


Try these fixes in order one by one

  1. Update your WiFi Emergency Address (even if you update it to the same address, just update it)
  2. Reset Network Settings
  3. Reboot
  4. Check SIM card for 3GG or “60.00”
  5. Check WiFi router firewall settings for ports 500 and 4500
  6. Force the WiFi router to “G” Mode
  7. Replace WiFi Router


iPhone or iPad sync session failed to start

The backup and sync feature with Apple’s iTunes is slowly being replaced by iCloud’s features. But if you’re cheap like me and have over 120GB on your 128GB iPhone, you don’t want to resync with the cloud in the event of a failure. I have so much freaking data, I need a local back up. So I sync with iTunes…..

Just recently I ran into an issue when trying to sync my phone:

“The iPhone ‘XYZ’s iPhone’ could not be synced because the sync session failed to start.”

There’s an easy fix for that…. 


  1. Go to Preferences
  2. Go to Devices
  3. Delete the Device Backup for the iPhone/iPad/iPod giving you problems
  4. Restart iTunes



Delete a route in Mac OS X Yosemite

I realized I had a post for how to add a static route, but didn’t have one for how to delete one…. So here ya go!


Social Investing?

I think Motif Investing is the New wave for the younger generation investor. We always “google it” before we try anything and we’re such a “DIY” generation. Why not with investing? E-trade and Scottrade are part of our parents generation. Motif is cheaper, more intuitive, and easier. It also has a “social” side where you can compare your gains to your friends and family.

How is it cheaper? They let you buy fractional shares first of all. So you can start with only $250 and buy Berkshire Hathaway, Google, Netflix, Con Agra, Adobe, Apple, and more.
Well, what about commissions? You can buy up to 30 stocks at one time for only 9.95 total. Not 9.95 per stock… 9.95 TOTAL. That’s awesome!

If you’re interested in getting started in investing, Check Motif Investing Out (if you sign up we both get $100)!

Check out my first “motif” I created:


Security Rant: Phishing Prevention and Mitigation

I think there are 3 parts to phishing defense.

1. Investigation

You have to gather statistics on the current state of the environment. Should the customer even invest in training or tools to prevent links from being clicked?  They won’t know until they run a campaign to find out how many users fall prey to typical phishing techniques.

I know companies that use Black Squirrel Labs (at Black Hat last year) for Phishing campaigns against employees.
Phishline, Wombat, and ThreatSim are all good too.  It’s really GUI preference and price at that point.

2. Security Awareness Training

Let’s be honest, for the most part security awareness training doesn’t work.  I know someone in operations at a large financial in NYC that says the employees there just click through the training to mark as finished and don’t actually learn.  Which leads to quarterly training on the same topics hoping that one day they’ll “get it”.

Whether it’s custom built training, in-house training, or canned training from solutions mentioned before, the rate of adoptions is VERY LOW.

Most employees don’t know that clicking on an email can subject them to Sony/Target like compromises.  They assume hackers are getting in with Mountain Dew and terminal screens, not through mistakes THEY are making.

What I’ve seen work in the industry is one on one or small group training with security professionals/consultants once you’ve identified the users who make the mistakes,.  It’s more time consuming, but it also portrays the significance of what they’ve done.

And let them know they’ve been targeted/singled-out because of previous behavior.  I guarantee you a lot of employees won’t be clicking on any more fax emails.  Not because of some security training they rushed through, but because they was “caught” and something “bad” happened because of it.

3. Phishing Prevention vs. Mitigation

This is where a mix of network, application, and endpoint security come in.  None of the threat simulation campaign solutions actually mitigate phishing.  They help prevent with awareness and knowledge, but they will always have holes.  We are all infallible humans.  This is where mitigation comes in.

Application security: 

The majority of phishing still comes from e-mail.  Products like Proofpoint, McAfee, FireEye, Trend Micro, IronPort are designed to filter out spam AND phishing.  But someone could embed a sophisticated fishing link and get by most of them.

Endpoint Security:

For the e-mails that make it through and EVERYTHING else.  Let’s face it, your users aren’t just checking their secure corporate e-mails.  They’re checking outlook.com, gmail.com, yahoo.com, and some people are still using AOL!  All of those links are making it to their computers and bypassing your application security.  Not to mention the Facebook, LinkedIn, and Twitter links everyone is clicking on.

This is where endpoint security comes in.  Traditional Antivirus (AV) solutions have evolved to check web creditability before allowing the browser to finish the HTTP GET.  Some of the big players in endpoint security with regards to phishing are: ESET, Sophos, Kaspersky, McAfee, Symantec, Trend Micro, and Palo Alto.

Network Security:

Most networks have deployed next-gen firewalls.  These firewalls are capable of anti-spam, anti-virus, and intrusion detection.Juniper, Fortinet, and Palo Alto lead the way in next-generation firewall phishing protection.

These security mechanisms go beyond checking for link safety.  They inspect the payload of packets on the network.  This way, even if a clicked phishing link makes it through application, and endpoint security, the dangerous payload won’t make it back to the user.

As with all security, a multi-layered and varied technological approach is always best.  Security against phishing is no different.

10 Misconceptions I Had Before Moving To NYC (part 1)

Back in 2013 I moved to New York City. The “Big Apple”. The “City That Never Sleeps”. I was 28 years old and had been a few times before and heard all about it in the movies and media. I thought I knew what I was getting into….

But I didn’t.

Living in New York has been like slowly opening a Russian Doll gift. Once you think you have it figured out, you find a new layer underneath. It’s one of the most eye opening and horizon expanding experiences of my life. I have my lovely wife Dana to thank for that!

So, I’d like to share a few of the misconceptions I had and hopefully help other people see how great this city truly is!

  1. Misconception 1 – Having a car in the city would be easy.
    If you have a car…get rid of it before coming to NYC. Your life will be so much better for it!

    1. Let’s first talk about parking.  It’s not as easy to find a spot (even in Queens) as one would think. I’ve probably seen more rainbows than parking spots since moving here!
    2. Traffic? Well, it may not be quite as bad as LA/ATL/DAL during rush hour… But its ALWAYS bad, 24 hours a day.

  2. Misconception 2 – Snow is pretty.
    It is….For the first few hours.

    1. I’m from the Ozarks, so this is my picture of snow:

      Snowy Ozarks

    2. Upon moving to NYC, this is my reality of snow:

      Dirty NYC Snow

  3. Misconception 3 – Subways are dangerous.
    1. They’re actually really safe and “mostly” clean.
    2. The only time they’re dangerous is when you don’t get out of the way of one of the dancers:

      Subway Dancer

  4. Misconception 4 – New Yorkers Don’t Go To Church
    1. There are 6000 churches in New York City.
    2. Hillsong has a campus here.
    3. My church, Apostles NYC, has 4 campuses

      Apostles Union Square

      Apostles Union Square

  5. Misconception 5 – New Yorkers Are Rude and Impatient
    FAAAAR from it!

    1. Have you driven here? It takes 40 minutes to go 5 miles just about anywhere in this city.
    2. Have you ever rode on a packed subway car with someones armpit in your face?
    3. Have you tried to go to work on some random national potato parade day or another protest?
    4. Even grocery shopping isn’t easy. (Unless you live on top of the store!)
    5. New Yorkers deal with things like this daily… and multiple times each day.
    6. Remember that vacation you went on?  How the airport was really crowded and really busy?  That’s the daily life of a New Yorker.
    7. I’m simply amazed that New Yorkers are able to smile, laugh, and have fun, after all they put up with every single day.

Stay tuned for 6-10…

JUNOS Space Security Director Rules

JUNOS Space 14.1 and Security Director 14.1 have been out for a few months now.  With this version, I can finally start recommending the widespread adoption.  I’ve actually started using it and started installing it for customers.  It’s finally usable and workable!

Juniper’s documentation is usually one of the better vendors out there, but for some reason, the documentation around Security Director is a little sparse.

I was setting up a firewall policy to send to my devices and wanted to know what each “rule” meant.  I scoured the internet for a definition of what Global Pre, Global Post, Zone Pre, and Zone Post rules were.  It wasn’t until getting in touch with Juniper themselves that I was able to get an answer.

So what’s the deal with these types of rules?

If you see “Global” and “Zone” rules, you’re inside of a GROUP policy.  This means that the policy can be applied to a whole group of firewalls.

Global rules are applied globally to the device.  This means, that they aren’t zone dependent.  If you have a global firewall rule saying “any any permit”. That will allow ANY traffic from ANY zone to talk to ANY zone.  These are typically very broad security rules.

So when are global and zone based rules applied?

This is the Security Director Policy Workflow:

  1. Global Pre Policy
    1. From any zone to any zone
  2. Zone Pre Policy
    1. From zone x to zone y
  3. DEVICE Policy
    1. From zone x to zone y
      1. SPECIFIC only to this device
  4. Zone Post Policy
    1. From zone x to zone y
  5. Global Post Policy
    1. From any zone to any zone

Once you assign a device to the GROUP policy, you can create a device policy by right clicking on the device and clicking “Modify Policy”.

Screen Shot 2015-01-16 at 14.33.47



Why would you use a group firewall policy?

Let’s say you have 4 firewalls to manage.  You have a company policy that has to be applied to every firewall the block all NetBIOS traffic to the core. You can use a GROUP policy and apply it to all 4 firewalls so you don’t have to create the same rule 4 times.

Since each firewall will have its own networks behind it they’ll each have to have their own policies.  You can do this by assign a DEVICE policy to each device.  The GROUP policy will be applied along with the DEVICE policy to save you time on the rules that are duplicated and allow you to customize each device’s policy.

All rules created in the GROUP policy as a PRE rule will be added to before each device’s own rules and all rules created in the GROUP policy as a POST rule will be added after each device’s own rules.


Hopefully this helps explain GROUP and DEVICE policies as well as PRE and POST rules.  Let me know if you have any questions.