Browsed by
Category: Computer Software

Splunk + Minecraft?

Splunk + Minecraft?

Hello everyone! Today I’ve been spending a lot of time working in my home lab (as I so often do). And I’m pleased to report that I have learned many new things about the rsyslog package available (and often preinstalled) on most in Linux distributions. What is rsyslog? rsyslog can send it’s logs over to virtually any type of syslog server on the market. Including more advanced systems such as Splunk and other SIEM products. That doesn’t come as a…

Read More Read More

Authentication Mechanisms – How Secure are They?

Authentication Mechanisms – How Secure are They?

Hello everyone! Recently, I’ve been reading about the Digest Authentication mechanism (RFC 2617) after reading the Account Password Policy section of the Windows Local Computer and Group Policy Object (GPO) editors piqued my interest. RFC 2617 describes two primary authentication methods: Basic and Digest. Basic Authentication Basic is as simple as it is insecure. Basic transfers the specified username and password in PLAINTEXT unless of course surrounded by a layer of encryption such as SSL/TLS. Which I’d STRONGLY recommended you…

Read More Read More

How to use PGP

How to use PGP

Hello everyone, hope you are all having a good day today. Recently I’ve been playing around with encryption. Specifically PGP encryption. It’s a bit embarrassing for me to admit this but, while I understand symmetric encryption, when it comes to asymmetric encryption that is a bit foggy to me. I always seem to forget what the difference between public and private keys are. Which one do you send to people? I know that it’s the public key, but it doesn’t…

Read More Read More

Using Syslog

Using Syslog

Happy Thanksgiving everyone! This week I’ve been hearing quite a bit about Syslog and how much of a help it is when you’ve got multiple servers that need to be constantly monitored. Enter the long standing solution, syslog. Syslog has been around forever and like a lot of network administrators when I first learned about Syslog I didn’t have a need for it. I had so few computers back then that I didn’t see the need. Like so many I…

Read More Read More

NoScript For Firefox

NoScript For Firefox

Hello everyone,   This week I’d like to talk about the NoScript addon which is available for Mozilla Firefox. I’ve been using NoScript for a few weeks and while I find it annoying sometimes. I do find it really nice that I am able to block things like Google Analytics and other similar scripts like that. If I don’t want a script to run on my computer. I don’t run it. Scripts only run if I tell them to run….

Read More Read More

Password Security

Password Security

Hello Everyone,   Being that this is Cyber security mouth and I’ve recently been ramping up my cyber security measures to even higher levels. This week I’d like to talk about my favorite password manager: KeePass. The main thing that I like most about Keepass is that it does not use any of that cloud storage nonsense when it comes to storing your passwords. Yes I know that this means that you need to find a way to store and transfer…

Read More Read More

Surricatta Logs on pfSense

Surricatta Logs on pfSense

Hello Again everyone, Today I’d like to talk about network logs packet analysis and how truly expensive it can be. First off, I want to make it clear that I am not in any way recommending that you don’t log packets. Logging packets is an essential part of network security and I would argue that it is pretty much impossibe to ensure that your network is secure without doing some form of packet logging (at least in the short term)….

Read More Read More

All About OpenVAS

All About OpenVAS

Hello again everyone, Now you may not like the idea of using vulnerability scanners or other hack tools. However, OpenVAS is VERY powerful tool to anyone who is running nearly any type of server and wants to make sure that it is protected. Now you might be thinking that as long as you keep your machines up-to-date you should be fine. But that is not entirely true. While updates are an important part of protecting your systems misconfiguration is another…

Read More Read More

ntopng On pfSense

ntopng On pfSense

Today I would like to introduce you all to a very useful package that you can install on pfSense: ntopng. Formally known as ntop, ntopng allows you to Analyze the different traffic on each  interface on your pfSense box. This can be extremely valuable from a security perspective because not only can you see what is happening on your network. You can quite easily get an idea of what exactly your systems are doing. As well as get a sense…

Read More Read More

pfSense for Learning Computer Networking & Cybersecurity

pfSense for Learning Computer Networking & Cybersecurity

Hello everyone!   This week I want to continue talking about pfSense and why I think it is one of the best pieces of software especially for anyone who is looking into (or is already in) a career network administration or cybersecurity. I recently started taking a cybersecurity class and as part of our first lesson we reviewed the basics of how computer networks work and that got me thinking about pfSense and the journey that I’ve taken on my…

Read More Read More

Is My E2500 Broken?

Is My E2500 Broken?

Happy Friday Everyone! As everyone who has ever met me probably knows I like to learn about computers and have the tendency to get excited about stuff no one else cares about. Today I opened the web interface on my Linksys e2500 router which runs the DD-WRT firmware. And saw that the system load was a perfect 0.00, 0.00, 0.00 (no CPU load over the past 1, 5, and 15 minutes respectively). The web interface also told me that the…

Read More Read More

Automatic Linux Backup Script

Automatic Linux Backup Script

For quite some time I’ve needed a script to backup all of my Linux servers to a single machine on the network. Of course, I wanted this to be automated so I didn’t forget to run it. I was looking for a Linux Backup script that would do the following things: Wake the backup server Backup files from several different directories Backup MySQL databases Upload the files to another server (preferably using something encrypted like SCP) (Securely) delete the old…

Read More Read More

Posting Voicemails to WordPress?

Posting Voicemails to WordPress?

Hello everyone, I have the tendency to ask questions or come up with solutions to problems no one asked me about. Today, I noticed that WordPress allows you to specify an email account that you’ve setup specifically so that any emails send to it automatically gets parsed by and then posted on the WordPress website. Now, I personally can’t see why you would want to do this. If you have an Internet connection why wouldn’t you just go straight to…

Read More Read More