You can use a cache server for a small to medium-sized business no matter the industry or for whatever you would like. A DNS cache doesn’t have to be high maintenance or a menace to other people and organizations as long as you take certain precautions in the configuration. My Read more…
In order to learn web app exploitation safely (and legally), it is useful to have practice applications to run on your local environment. Damn Vulnerable Web Application (DVWA) was created for just this purpose. DVWA contains many common web vulnerabilities such as SQL injection, XSS, and more that allow you Read more…
Once data starts flowing through the sniffing interfaces you are going to be presented with a lot of false positives. It’s essential to reduce the number of false positives because the identification of real indicators can become next to impossible and your hardware will thank you. When I fired up Read more…
So, you have decided to install a pentesting distro to enjoy functionality that would be unavailable on a live usb. The very first question that needs to be asked is “How do I keep myself secure?” In addition to some of the more obvious features of most pentesting distributions, such as full disk encryption, macchanger and anonsurf there are some lesser known ways in which to ensure your Operational Security. In 5 easy steps we will seek to automate some of the tediousness of making sure your make sure your box is secure. (more…)
Before we begin configuring Security Onion, it’s a good idea to get an Oinkcode from snort.org if you’re going to use Snort.
Snort can also use the Emerging Threat rulesets.
There are three options available to obtain an Oinkcode.
- Community Edition – the rules are updated every 30 days, no support – FREE
- Personal – the rules are released daily, can submit false positives, home network or educational environments only – $29.99 per year
- Business – the rules are updated daily, priority support for false positives and Talos (the parent company) will work directly with you, for use in businesses, colleges, government, etc. – $399 per sensor per year
Once you create an account and pay for a subscription or not, you can find the Oink code by clicking on the email address in the upper right-hand corner of the page then select Oinkcode. (more…)