PLABS
Latest Configuration Guides
| Platform | Title | Date |
| --- | --- | --- |
| Red Hat Enterprise Linux 6.5 | Snort Intrusion Detection System w/ Barnyard2 and PostgreSQL Support | February 9, 2014 |
| Red Hat Enterprise Linux 6.4 | Apache 2 Web Server w/ PHP5, OpenSSL, Suhosin and PostgreSQL, MySQL, IBM DB2 and/or Oracle Databases | May 24, 2013 |
| IBM AIX 7.1 | Setting Up TCP/IP, SSH and a GNU C / C++ Development Environment on AIX | January 9, 2012 |
| Slackware Linux 13.37 | IP Traffic Logger/Capture w/ Daemonlogger | May 9, 2011 |

Media and Research Requests
For journalists of all media, please use my PGP key for e-mail communications. Most requests I receive are for validating claims of major security events or vulnerabilities.

About one out of every five events I examine turns out to be fully or partially true. Our little community is increasingly becoming filled with rotten apples.

There is also an assumption of anonymity on my part, with exceptions only in very specific and authorized situations.


For research discoveries and disclosure, I already have a trusted list of journalists. For individuals and groups looking to include me in their efforts, please communicate using my PGP key listed above. Do your due diligence first. I get a lot of requests and vetting what is legitimate gets annoying.

Splunk | Blog

Shining a Light on Industrial Data

23 October 2014 - Enabling Insights from Industrial Data and the Internet of Things This week we announced that our technology partner, Kepware Technologies, released the Industrial Data Forwarder (IDF) for Splunk as part of their most recent KEPServerEX update. This application enables a new and much easier way to c…

Mitigating the POODLE Attack in Splunk

22 October 2014 - By now you are probably tired of seeing poodle memes. Fear not! Instead, I will share mitigation techniques on how to protect Splunk against this attack and leave out the memes. Let me preface the different techniques by adding some context to the exploitability of POODLE: This attack requires that…

Using Alerts to Send Data to Amazon S3

17 October 2014 - A customer recently asked me to prove a concept where Splunk could see a certain type of incoming event and then pass information from that event into their Amazon S3 storage. I knew that Splunk could create alerts for event conditions and then fire off a script when the alert triggers, but I had ne…

Now Time For the Splunk Weather Forecast

15 October 2014 - If you were at .conf last week you would have likely seen some of the exciting Internet of Things projects people are using Splunk for. I think Ed Hunsinger put it best: So far I’ve heard about @splunk being used for planes (Royal Flying Doctor), trains (New York Air Brake), and automobiles…

RDP to Windows Server from a Splunk Dashboard – Example Code

13 October 2014 - A while back, I wrote a blog post explaining how to RDP to a Windows Server from a Splunk Dashboard. The steps involved the following: Create a Controller – this generates the .rdp file on the server and delivers it to the client. Create a custom endpoint in web.conf – this part enabl…

Snort | Blog

Snort Subscriber Rule Set Update for 10/21/2014

21 October 2014 - Just released: Snort Subscriber Rule Set Update for 10/21/2014. We welcome the introduction of the newest rule release from Talos. In this release we introduced 27 new rules and made modifications to 8 additional rules. There were no changes made to the snort.conf in this release. Talos's rule…

Snort Subscriber Rule Set Update for 10/16/2014

17 October 2014 - Just released: Snort Subscriber Rule Set Update for 10/16/2014. We welcome the introduction of the newest rule release from Talos. In this release we introduced 22 new rules and made modifications to 15 additional rules. There were no changes made to the snort.conf in this release. Talos woul…

Snort Subscriber Rule Set Update for 10/15/2014

15 October 2014 - Just released: Snort Subscriber Rule Set Update for 10/15/2014. We welcome the introduction of the newest rule release from Talos. In this release we introduced 26 new rules and made modifications to 10 additional rules. There were no changes made to the snort.conf in this release. Talos woul…

Snort Subscriber Rule Set Update for 10/14/2014, MSTuesday, Group 72 Coverage

15 October 2014 - Just released: Snort Subscriber Rule Set Update for 10/14/2014. We welcome the introduction of the newest rule release from Talos. In this release we introduced 56 new rules and made modifications to 9 additional rules. There were no changes made to the snort.conf in this release. Talos would…

Snort 2.9.6.1 EOL is October 15, 2014!

15 October 2014 - Snort 2.9.6.1 is now EOL for rule support. This means we will no longer be releasing updates for this version of the rule engine. Users of this version are now encouraged to upgrade to the latest version of Snort, which is now Snort 2.9.6.2. Please review our EOL policy here: https://www.snort.or…


© 2014 Procyon Labs / Randal T. Rioux