Published: Sat, 21 Jan 2017 00:05:09 +0000
Fri, 21 Jul 2006 20:06:06 GMT
This one goes way off topic from covering junk like IDS and security and takes you into the strange and bizarre world of looking for a new job. Whether you are in systems administration, networking or security, or trying to get out of one and into another, there is usually only one way to get there aside from internal promotion, and the road is challenging and loaded with many surprises and sometimes disappointments too. Fear not, successfully interviewing for a new position is all about your
Wed, 24 May 2006 16:53:53 GMT
Let's start off with a great open source product called OSSEC that can be found at www.ossec.net. This product works on Unix-based systems only. It checks for rootkits, monitors file and directory integrity, and integrates with system logging and with Snort FULL and FAST alert logging. What does all of this mean? Once installed, this application can be set to check for rootkits on the system at configurable intervals. The OSSEC syscheck component monitors system files and direct
Tue, 23 May 2006 18:02:02 GMT
We have chosen Linux antivirus products from three major vendors for the purpose of testing the realtime component, or live scanning. The three vendors and products chosen are:
McAfee - LinuxShield
Kaspersky - Antivirus for Linux Workstation
F-Secure - Linux client security
The goal of this study was to ascertain how simple it is to install the realtime module that enables live scanning, in addition to researching the overall capabilities. Starting with McAfee, building realtime
Tue, 23 May 2006 16:23:23 GMT
Got a spare laptop? Ever had one of those laptops that are too slow to run any GUI on but not so horrible that you can't wait to use it for extreme frisbee? Why not turn it into a networking system that can be used for configuring all of the routers and switches, for security scanning, pen testing, network monitoring and various other testing tools? Grab the net ISO of Debian and start pulling in the impressive range of tools that are within reach of your fingertips. Don't get me wrong,
Tue, 23 May 2006 15:12:12 GMT
With the use of a script and one tool, make your system virtually invisible on the network and fairly difficult to access. Let's start with a simple script that injects values into /proc:
echo "0" > /proc/sys/net/ipv4/conf/all/accept_redirects
echo "0" > /proc/sys/net/ipv4/conf/all/accept_source_route
echo "0" > /proc/sys/net/ipv4/conf/all/send_redirects
echo "1" > /proc/sys/net/ipv4/conf/all/rp_filter
echo "1" > /proc/sys/net/ipv4/conf/all/log_martians
echo "