PLABS
Latest Configuration Guides

Platform | Title | Date
Red Hat Enterprise Linux 6.5 | Snort Intrusion Detection System w/ Barnyard2 and PostgreSQL Support | February 9, 2014
Red Hat Enterprise Linux 6.4 | Apache 2 Web Server w/ PHP5, OpenSSL, Suhosin and PostgreSQL, MySQL, IBM DB2 and/or Oracle Databases | May 24, 2013
IBM AIX 7.1 | Setting Up TCP/IP, SSH and a GNU C / C++ Development Environment on AIX | January 9, 2012
Slackware Linux 13.37 | IP Traffic Logger/Capture w/ Daemonlogger | May 9, 2011
Media and Research Requests
For journalists of all media, please use my PGP key for e-mail communications. Most requests I receive are for validating claims of major security events or vulnerabilities.

About one out of every five events I examine turns out to be fully or partially true. Our little community is increasingly becoming filled with rotten apples.

There is also an assumption of anonymity on my part, with exceptions only in very specific and authorized situations.

For research discoveries and disclosure, I already have a trusted list of journalists. For individuals and groups looking to include me in their efforts, please communicate using my PGP key listed above. Do your due diligence first. I get a lot of requests and vetting what is legitimate is time consuming.
Splunk | Blog

Everything you always wanted to know about SPAN ports, Network Taps, Packet Mirrors, and the Splunk App for Stream (but were afraid to ask)

29 May 2015 - As this is my first Splunk blog post, I’ll keep this short. This post has to do with moving raw packets around the network and analyzing their contents. In fact, not IP packets at L3, actually Ethernet frames at Layer 2. Occasionally, engineers have a need to capture and inspect raw packets. T…

Smart AnSwerS #23

29 May 2015 - Hey there community and welcome to the 23rd installment of Smart AnSwerS! This morning was filled with *drilling noise…more drilling noise…even more drilling noise* as several standing desks were installed for folks all around me. I sit here among towering giants, burning calories faster than me…

.conf2014 Highlight Series: Onboarding Data Into Splunk

29 May 2015 - .conf2015 registration is open! We’re excited to continue our series of .conf2014 #TBT highlights, especially as .conf2015: The 6th Annual Splunk Worldwide Users’ Conference in Las Vegas is quickly approaching. This week we revisit Andrew Duca’s presentation, because getting your data into Spl…

The M.O. of Insider Threats

28 May 2015 - Public concern for defending against cyber threats has grown exponentially over the past five years. However, perhaps the most recognizable U.S. government breach during that time was perpetrated by an insider, Edward Snowden. I recently participated in a webinar that explored how public and private…

Getting Started with Splunk MINT

27 May 2015 - Mobile apps are changing the way we experience IT. According to a March 2015 report from 451 Research, over 80% of enterprises in the US plan to deliver custom-built mobile apps in the next two years.  The challenge? Mobile apps don’t operate like traditional browser-based web apps. Mobile ap…

Snort | Blog

Snort Subscriber Rule Set Update for 05/28/2015

29 May 2015 - Just released: Snort Subscriber Rule Set Update for 05/28/2015. We welcome the introduction of the newest rule release from Talos. In this release we introduced 1 new rule and made modifications to 345 additional rules. There were no changes made to the snort.conf in this release. Talos's rul…

Snort++ DAQ and Logger Updates

28 May 2015 - There are several changes in recent updates that provide new ways to input packets and output event data. Much of the change is driven by development and test needs but you may find the new capabilities useful as well. Here is a brief summary: Hext DAQ Added: Input raw packets or TCP payload with 4-t…

Snort++ Update

28 May 2015 - Just pushed build 154 to github (snortadmin/snort3):
new_http_inspect parsing and event handling updates
initial port of file capture from Snort
stream_tcp reassembles payload only
remove obsolete REG_TEST logging
refactor encode_format*()
rewrite alert_csv with default suitable for reg tests and debuggin…

Snort Subscriber Rule Set Update for 05/26/2015

26 May 2015 - Just released: Snort Subscriber Rule Set Update for 05/26/2015. We welcome the introduction of the newest rule release from Talos. In this release we introduced 30 new rules and made modifications to 86 additional rules. There were no changes made to the snort.conf in this release. Talos's rul…

Snort++ Update

22 May 2015 - Just pushed build 153 to github (snortadmin/snort3):
new_http_inspect parsing updates
update u2 to output data only packets
added DAQs for socket, user, and file in extras
changed -K to -L (log type)
added stream_user for payload processing
added stream_file for file processing…


© 2001-2015 Procyon Labs / Randal T. Rioux