Variance in rwfilter results from netflow v5 and YaF

Looking over some netflow data I notice some variance between the two sensors. Sensor s0 is v5 netflow data from a Cisco switch, s1 is from a network tap listening between a Router on a Stick and said Cisco switch. …


Configure YAF on Linux for NetFlow collection from a network tap or SPAN

In a previous post SiLK was set up on a Debian host using NetFlow v5 from a Cisco switch. This worked well but I also have a network tap and said Cisco switch is capable of capturing data via SPAN port(s). …


Configure SiLK on Linux for NetFlow collection from a Cisco router

This guide walks through configuring SiLK from a source install on a Debian 6 host in order to collect NetFlow data from a Cisco router. The guides here and here written by CERT NetSA are quite good but lack some …


Setting Google Storage object ACL for authenticated downloads

Google’s gsutil is a great tool for pushing, retrieving and setting permissions on objects uploaded to Google Storage. I was reviewing the documentation on the Sharing and Collaboration page, specifically the Authenticated Browser Download section, and realized there were a …


Running NIX Retina and Nessus vulnerability scans with least privileges

When you are running those vulnerability scans of Linux and UNIX hosts I hope that you are following best practices for keeping a host secure during the process. Both Retina and Nessus rely upon SSH in order to connect to …


Use Facebook CDN to host website photo galleries

I was thinking about how to retrieve photos from Facebook photo galleries and came across a number of solutions. Most of the solutions were for a blog or CMS and furthermore required caching your credentials in a database along with a …


New blog header image

I would like to take a moment and thank the guys over at Xen for allowing me to use their “light bike” logo for my blog’s header image. Please take a moment to check out their site for your virtualization needs.


Debian backup script updated

A quick note that I updated my Debian backup script located here: https://github.com/rsreese/debian-update-script. I have fixed a few bugs that became apparent with the release of Debian 6 “Squeeze” and made a few other tweaks. I have also added the …


Blocking evil with the Enhanced Mitigation Experience Toolkit EMET

While experimenting with EMET I decided to put together a little presentation demonstrating how it can be used to prevent exploitation of a known threat to Acrobat Reader. The presentation first demonstrates the exploit using Metasploit, provides some high level …


Pseudo Gmail address obfuscation

I was hunting around for a way to create email aliases for mailing-lists and whatnot. It is a little disappointing to learn that there is not a way to create true aliases with Google’s Gmail. You can create aliases if using …


Insecure Library Loading Could Allow Remote Code Execution

Note this is an older post that I am migrating from another blog I previously maintained. Metasploit has already provided a nice write up of the pwning, I mean testing the vector: http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html. It does involve a bit of prep …


Keeping your hardware safe and avoiding the evil maid

This installment is about keeping your notebook and other technology items safe. I was recently asked what the Defcon locks were for that I have been distributing with the new notebooks. I jokingly said to keep people from taking your …


Creating VMware VMDK files from DD images using Live View

While watching some Florida football today I decided to figure out how to mount/run a DD image in VMware Workstation. My image mounting skills were a little lacking so Google it was. I found a ton of great examples that …


How I got started in information technology

Every once in a while someone asks me how I got started working in the information technology realm. Usually it is someone that is not in the industry, or they are interested in working with computers as a career and are …


Finally migrated from Blogger to WordPress

I haven’t posted in a while because Blogger finally did away with their FTP/SCP publishing ability, meaning if I wanted to continue using Google’s Blogger platform I would have to allow them to host my content for me. I don’t …


Redirect Blogger URL using Mod Rewrite and shell scripting fu

Blogger is doing away with the option to host your blog via your own host and migrating everything to the cloud. I wanted to have the option to continue hosting my blog on my own server even though as of …


A few tools that may help get rid of malware

These tools may help rid a computer system of malware, but be warned they can be very destructive to your system. In other words, if you don’t know what you’re doing then backup what you can and take it to …


Setting up maildrop with Courier MTA

Before I get into maildrop, here are a few notes to myself for setting up Courier. Before running ./configure you should add the ssl bin directory to your path. To receive local mail indifferent of …


Migrating from Blogger to WordPress

Blogger is removing the functionality to host your own “Blogger” content by disabling the FTP/SFTP functionality from their system. I’m considering their hosting solution or migrating to a WordPress solution. If I stick with Google’s Blogger hosting then bandwidth should …


God Mode – Give Windows users an easier way to destroy their computers

Windows 7 and Vista (the latter can be buggy) have an interesting feature that allows quick access to all kinds of administrative tools. To create God Mode simply create a new folder on your desktop and name it the following: GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} …
