Heard of SPF but not sure how to pass an SPF check? Let's get back to basics and have a quick look at the SPF DNS record that can make your email delivery more reliable and less likely to hit the spam folder. An SPF record is a DNS TXT record that contains the IP [...]
ngrep and tcpflow – packet capture on a shoestring
The Ngrep and TCPflow packet capture tools are useful for fast access to packets on the wire. As you will see, they make grabbing text out of the network stream a piece of cake. You may have heard of Wireshark (formerly Ethereal), a powerful network packet capture tool that enables a user to grab packets [...]
Firewall Testing with a remote Port Scanner
A Firewall Test conducted by an external port scanner will quickly identify open services and weaknesses in firewall configurations. In this post I will revisit some of the benefits of a remote firewall test and cover the basics of why a firewall is still an important part of any Internet connected system. Why you need [...]
There are no WordPress Timthumb Hackers in Mongolia
What is Timthumb? Back in August 2011 a serious vulnerability was found in many popular WordPress themes and plugins, in the code that enabled automatic thumbnail creation when publishing with the WordPress content management system. While not a part of the WordPress core, the code had been reused by many developers including both commercial and free [...]
Update GeoIP data for Splunk App
If you are using the GeoIP app for Splunk you will find that it has not been updated recently. The last update was June 2011. Following my recent post regarding the installation of Splunk on an Ubuntu based system I started to dig into this app and found that it is a simple matter to [...]
Install Splunk on Ubuntu in 5 mins
Splunk is a powerful log database that can be used for analysis of any sort of log data through its easy to use search engine. Security logs, Syslog, Web server logs and Windows logs are just the beginning. One of the great features of Splunk is that you can feed pretty much any log into [...]
Leading websites that enable IPv6 now at 2.68%
There is a need for website owners and businesses to enable IPv6 on networks and public facing Internet services. HackerTarget.com has completed a second survey of the websites in the Alexa Top 1 Million to review the latest progress. The survey tested each host for the presence of an AAAA DNS record. This is [...]
11 Offensive Security Tools for SysAdmins
Offensive security tools are used by security professionals for testing and demonstrating security weakness. Systems Administrators and other IT professionals will benefit from having an understanding of at least the capabilities of these tools. Benefits include preparing systems to defend against these types of attacks and being able to identify the attacks in the case [...]
10 Essential Open Source Security Tools
There are thousands of open source security tools with both defensive and offensive security capabilities. The following are 10 essential security tools that will help you to secure your systems and networks. These open source security tools have been given the essential rating due to the fact that they are effective, well supported and easy [...]
Firewalling Ubuntu with UFW for IPv4 + IPv6
Under Ubuntu you can quickly build an based firewall using the handy built in firewall configuration tool UFW. Network architectures will vary but if you are deploying Internet facing Servers you generally should be configuring a host based firewall. It can provide protection to listening services that don’t need to be Internet accessible, in addition [...]

