marshalgraham.com
marshalgraham: October 2011
http://www.marshalgraham.com/2011_10_01_archive.html
Random things that I find interesting. Wednesday, October 26, 2011. Install and Configure Snort IDS on Windows. If you are interested in running Snort on Windows there are a few things you should know beforehand. I'll run through the steps to get Snort installed and configured on Windows. With that out of the way, the next step is to start installing Snort and its prerequisites. Here's the list of things I...
volexity.com
Volexity Blog | Incident Response & Suppression
http://www.volexity.com/blog
Incident Response and Suppression. Virtual Private Keylogging: Cisco Web VPNs Leveraged for Access and Persistence. Cisco Clientless SSL VPN (Web VPN). Figure 1. Cisco Clientless SSL VPN Login Page. This is certainly not a resource to which you want an attacker to gain access. Unfortunately, Volexity has found that several organizations are silently being victimized through this very login page. This begs the question: How are the attackers managing to pull this off? Allow an unauthenticated, remote att...
hackguide4u.com
December 2011 | Learn How To Hack - Ethical Hacking and security tips
http://www.hackguide4u.com/2011_12_01_archive.html
Archives for December 2011. Bypass Intrusion Detection/Prevention Signatures. 1:24 PM Posted by Adnan Anjum. Please note that this does not include the multitude of configuration errors (disabled by default checks like POST search/bad preprocessor configurations like minimum fragment length) nor network vs. host-based issues like fragment reassembly. The second signature would ...
doc.emergingthreats.net
NewUserGuide < Main < EmergingThreats
http://doc.emergingthreats.net/bin/view/Main/NewUserGuide
New ET Users Guide. 1. First, you need an IDS (such as Suricata or Snort) installed and running. Doing that is a bit beyond the scope of this guide. If you're having issues, google "suricata/snort howto"; you'll find many articles that will suit your needs. 2. Check out the sample emerging.conf. You then need to choose a platform. These are listed under each ruleset type. Choose the Snort version or Suricata version at or under your running version. Be careful going forward. If you are using... 3. Choose your...
deepimpact.io
splunk and free open-source threat intelligence feeds - Deep Impact
http://www.deepimpact.io/blog/splunkandfreeopen-sourcethreatintelligencefeeds
Data analytics and siem. Network design and analysis. Security design and analysis. Service and host monitoring. Splunk and free open-source threat intelligence feeds. Creating splunk app for enterprise security technology add-ons. Installing securityonion on virtualbox. I am by no means an expe...
hackedip.com
Hacked IP
http://www.hackedip.com/faq.php
Where does HackedIP's threat data come from? We aggregate data from as many of the open source threat intelligence. How often is HackedIP's threat data updated? Data feeds are updated daily. What is a threat list? A threat list is a list of IP addresses which have been observed talking to botnets or otherwise exhibiting malicious behavior. This is a strong indication that a host associated with this IP address is compromised. How does HackedIP work? Hacked IP gathers public threat intelligence. HackedIP is ...
doc.emergingthreats.net
AllRulesets < Main < EmergingThreats
http://doc.emergingthreats.net/bin/view/Main/AllRulesets
All Emerging Threats Signatures. The rulesets are now available in multiple versions on multiple engines. Please visit http://rules.emergingthreats.net/ to browse all available files for the platform and engine you desire. Directory has the open Emerging Threats ruleset, the best of the old Community Ruleset (now defunct) and the best of the old Snort GPL sigs (sids 3464 and earlier) moved to the 2100000 sid range to avoid duplication, especially with the Suricata versions of these rules.
defsecurityjam.blogspot.com
Def Security Jam: July 2015
http://defsecurityjam.blogspot.com/2015_07_01_archive.html
Cyber Security, Compliance, Security News, Vulnerabilities, Exploits, Tools and Experiences. Friday, July 24, 2015. John McAfee - How to Uninstall McAfee Antivirus. Til next time, Court Graham, CISSP, OSCP, C EH, PCI-QSA, ITIL. Saturday, July 11, 2015. PWNOS Version 2 Walkthrough. Needing to keep the old knife sharp, I decided to try my luck at the PWNOS 2. Root@kali: # nmap 10.10.10.100. Starting Nmap 6.47 ( http://nmap.org ) at 2015-07-04 22:44 EDT. Host is up (0.00012s latency).