PLABS
softwareguideswar roomaboutgo-home
Latest Configuration Guides
Platform Title
Date
Red Hat Enterprise Linux 6.5 Snort Intrusion Detection System w/ Barnyard2 and PostgreSQL Support
February 9, 2014
Red Hat Enterprise Linux 6.4 Apache 2 Web Server w/ PHP5, OpenSSL, Suhosin and PostgreSQL, MySQL, IBM DB2 and/or Oracle Databases
May 24, 2013
IBM AIX 7.1 Setting Up TCP/IP, SSH and a GNU C / C++ Development Environment on AIX
January 9, 2012
Slackware Linux 13.37 IP Traffic Logger/Capture w/ Daemonlogger
May 9, 2011
Media and Research Requests
For journalists of all media, please use my PGP key for e-mail communications. Most requests I receive are for validating claims of major security events or vulnerabilities.

About one out of every five events I examine turn out to be fully or partially true. Our little community is increasingly becoming filled with rotten apples.

There is also an assumption of anonymity on my part, with exceptions only in very specific and authorized situations.


For research discoveries and disclosure, I already have a trusted list of journalists. For individuals and groups looking to include me in their efforts, please communicate using my PGP key listed above. Do your due dilligence first. I get a lot of requests and vetting what is legitimate gets annoying.
Splunk|  Blog

Using Hadoop RecordReaders with Hunk

4 March 2015 - Hunk is able to process any data format that has a RecordReader a.k.a pre-processor. In previous posts, we showed you how to use pre-processors to search image data with Hunk and how you can write your own RecordReader. In this post, you’ll learn how you can use existing Hadoop RecordReader&…

Splunk at Nordstrom (part 4 of 4): Enterprise Security at Nordstrom

2 March 2015 - One of the great things about Splunk is that it is such a powerful platform that can be used in many different ways (see Splunk at Nordstrom Part 2: Nordstrom and Mobile POS), so you can get the most bang for your buck. At Nordstrom, Splunk was initially used to monitor website performance – page…

.conf2014 Highlight Series: Deep Dive into Search Head Clustering

26 February 2015 - We’re back with the latest installment of our .conf2014 highlight series. Today, we revisit one of our most popular sessions of last year’s conference, “What’s New in Search Head Clustering.” Skill Level: Intermediate Solution Area: Deploying Splunk Splunk: Splunk E…

Smart AnSwerS #12

26 February 2015 - Hello Splunk community and welcome to the 12th installment of Smart AnSwerS. I had just come back from eating lunch and what do I find 10 feet away from my desk? Over 15 boxes of leftover pizza from a meeting of course. I fight the urge to grab a slice or five and I take a break for the gym instea…

Splunk at Mobile World Congress 2015

25 February 2015 -   If you’re heading to Mobile World Congress this year, be sure to visit us at booth 8.0I27 in Hall 8.0! Over the past two decades, Mobile World Congress has become THE event where companies – including communications service providers, makers of next-generation mobile devices and mobi…

Snort  |  Blog

Snort Subscriber Rule Set Update for 03/03/2015

4 March 2015 - Just released:Snort Subscriber Rule Set Update for 03/03/2015We welcome the introduction of the newest rule release from Talos. In this release we introduced 29 new rules and made modifications to 16 additional rules. There were no changes made to the snort.conf in this release. Talos woul…

Snort++ Build 140 Available Now

2 March 2015 - Snort++ build 140 is now available.  This is the second monthly update of the downloads.  You can also get the latest updates from github (snortadmin/snort3) which is updated weekly.Continued code sync with Snort 2.9.7:sync 297 http xff, swf, and pdf updatessync ftp with 297; replace strea…

Snort 3.0's new http_inspect preprocessor!

26 February 2015 - One of the major undertakings for Snort 3.0 is developing a completely new HTTP inspector. It is incomplete right now but you can examine the work-in-progress. You can configure it by adding: new_http_inspect = {}to your snort.lua configuration file. Or you can read it in the source code under sr…

Snort++ Update

26 February 2015 - Just pushed build 139 to github (snortadmin/snort3):sync 297 http XFF, SWF, and PDF updatesadditional http_inspect cleanupdocumented gotcha regarding rule variable definitions in Lua…

Snort Subscriber Rule Set Update for 02/26/2015

26 February 2015 - Just released:Snort Subscriber Rule Set Update for 02/26/2015We welcome the introduction of the newest rule release from Talos. In this release we introduced 43 new rules and made modifications to 199 additional rules. There were no changes made to the snort.conf in this release.Talos's ru…


© 2001-2015 Procyon Labs / Randal T. Rioux