Weekend Challenge – Answers
Well, it’s now Thursday so I figured it’s time to post the answers to last weekend’s challenge. First, why should you even care about IPv6 if you have not started deploying it? I felt much the same way...
ICMPv6 Challenge
Building on the IPv6 challenge from last time, I have a new one for you: Write a tcpdump/windump filter which will capture ICMPv6 Multicast Listener packets. That’s it! Pretty easy, right?
ICMPv6 Challenge – Hints
OK, here’s a hint to point you in the right direction. The challenge was: “Write a tcpdump/windump filter that will capture ICMPv6 Multicast Listener packets.” Sounds easy, right? With a little help...
ICMPv6 Challenge – Answers
The challenge was: “Write a tcpdump/windump filter that will capture ICMPv6 Multicast Listener packets.” I have an extensive write-up on what makes the answer so complex. If you know IPv6 and just want...
Day 2 Keynote
Thanks to all who came out to the Encryption/DLP summit. Here are the slides from my keynote on day 2. encryption-dlp-keynote
Combining Logwatch and OSSEC
I recently had a student ask me a question regarding the integration of Logwatch with OSSEC. I felt like this was a complex and yet cool enough idea that it warranted a series of posts to cover it in...
Combining Logwatch and OSSEC – Part 2
In my last post I described how Logwatch could be used to simplify the log review process. In this post we’ll look at OSSEC and what it brings to the table. What Is OSSEC? OSSEC, short for “Open Source...
Combining Logwatch and OSSEC – Part 3
In my last two posts I discussed Logwatch and OSSEC, as well as how they can be leveraged to augment your security posture. In this installment I’ll discuss how to install both of these tools....
Combining Logwatch and OSSEC – Part 4
In my last post we installed Logwatch as well as OSSEC. It is now time to get Logwatch and OSSEC playing together in the same sandbox. In this post I’ll discuss how to get Logwatch to summarize the...
Are Virtualized Systems More Or Less Secure?
I’ve had the above question asked enough times that I felt it worthy of a blog post. While a few years back the answer may have been “less secure”, today the answer is “both”. I know, sounds like Chris...