Browsed by
Category: Computer Networking

Splunk + Minecraft?

Hello everyone! Today I’ve been spending a lot of time working in my home lab (as I so often do). And I’m pleased to report that I have learned many new things about the rsyslog package available (and often preinstalled) on most Linux distributions. What is rsyslog? rsyslog can send its logs over to virtually any type of syslog server on the market, including more advanced systems such as Splunk and other SIEM products. That doesn’t come as a…

Authentication Mechanisms – How Secure are They?

Hello everyone! Recently, I’ve been reading about the Digest Authentication mechanism (RFC 2617) after the Account Password Policy section of the Windows Local Computer and Group Policy Object (GPO) editors piqued my interest. RFC 2617 describes two primary authentication methods: Basic and Digest. Basic Authentication: Basic is as simple as it is insecure. Basic transfers the specified username and password in PLAINTEXT unless of course surrounded by a layer of encryption such as SSL/TLS. Which I’d STRONGLY recommend you…

Wireshark for Firewall Rules

I found this interesting article here where I learned that it is possible to automatically generate ACL rules for many common firewalls including (but not limited to) Linux iptables, Windows Firewall, Cisco IOS, packet filter (I don’t know if this extends to pfSense but I would imagine so since the PF package is what pfSense was originally based on), and more. This can be very useful whether you are trying to allow something or block it. Wireshark has an option…

My New Discovery in The Suricata pfSense Package

Hello Everyone, This week I would like to talk about something that has concerned me for quite some time now. As many of you know I have experience with Suricata and the Suricata package for pfSense. As I’ve progressed throughout my cybersecurity class I’ve noticed that they seem to suggest running an IPS on the internal network as well as on the WAN side. Now I’ve been running Suricata on my internal network for a long time now. However, I was…

Using Syslog

Happy Thanksgiving everyone! This week I’ve been hearing quite a bit about Syslog and how much of a help it is when you’ve got multiple servers that need to be constantly monitored. Enter the long-standing solution, syslog. Syslog has been around forever, and like a lot of network administrators, when I first learned about Syslog I didn’t have a need for it. I had so few computers back then that I didn’t see the need. Like so many I…

Blockchain in the Election System

Hello everyone, With election day finally here many people are heading out to go vote (and if you haven’t voted yet I encourage you to do so). Many people are concerned about election interference and whether or not you consider this to be a real threat (I’m not going to take sides). There have been a few proposals on what to do about this. But one of the most publicized ideas is to use Blockchain. You may remember hearing…

OSSIM SIEM Systems

This week I’ve been doing a lot of research on SIEM systems both as part of the classes that I’m taking and out of my own curiosity. SIEM sounds like a very powerful and useful tool which I have yet to really play with. Enter AlienVault’s OSSIM, and all of its open-source awesomeness. There are a lot of reasons why an organization (like Aeatacraft) might consider running it because it is very capable and you can beat…

Suricata Logs on pfSense

Hello again everyone, Today I’d like to talk about network logs packet analysis and how truly expensive it can be. First off, I want to make it clear that I am not in any way recommending that you don’t log packets. Logging packets is an essential part of network security and I would argue that it is pretty much impossible to ensure that your network is secure without doing some form of packet logging (at least in the short term)….

Is My OpenVPN Traffic Being Decrypted?

Hello everyone, As per my previous post about OpenVPN on pfSense I would like to tell you all about a problem that I’ve been having recently since I’ve started trying to use it to protect myself on my school’s public WiFi network. You see, I, like all college students, have a smartphone and I can create my own private wireless hotspot with it, to which I connect my laptop while I’m in class so I don’t have…

pfSense can Protect You Even on the Go

Hello everyone, Once again I would like to talk about using pfSense to set up an OpenVPN server which you can use to protect yourself on open and public WiFi networks. You see, the problem that I often encounter while on the go is that there are no WiFi networks that I trust. I barely trust my own home WiFi network and I set it up to be very secure and I monitor it constantly! We are told never to…

ntopng On pfSense

Today I would like to introduce you all to a very useful package that you can install on pfSense: ntopng. Formerly known as ntop, ntopng allows you to analyze the different traffic on each interface on your pfSense box. This can be extremely valuable from a security perspective because not only can you see what is happening on your network, you can quite easily get an idea of what exactly your systems are doing, as well as get a sense…

pfSense for Learning Computer Networking & Cybersecurity

Hello everyone! This week I want to continue talking about pfSense and why I think it is one of the best pieces of software especially for anyone who is looking into (or is already in) a career in network administration or cybersecurity. I recently started taking a cybersecurity class and as part of our first lesson we reviewed the basics of how computer networks work and that got me thinking about pfSense and the journey that I’ve taken on my…
