Updated: Resources

June 9, 2015

New entries in the resources section.





Updated: Links

June 9, 2015

New entries in the links section.





New Article: Sophos UTM Tutorial: VirtualBox Deployment

March 30, 2015

Sophos UTM Home Edition (formerly Astaro Security Gateway) is an enterprise-grade Unified Threat Management appliance that can be licensed at no charge for home users. Its features include antivirus scanning of HTTP, HTTPS and FTP traffic using Avira, Sophos, or both AV engines; web content filtering and application control for blocking undesirable sites; IPS protection using Snort; a network firewall and the ability to block traffic based on country of origin; client authentication; e-mail protection; VPN access; traffic shaping; and other capabilities.

Updated: Resources

February 4, 2015

New entries in the resources section.





Updated: Links

January 20, 2015

New entries in the links section.





New Article: Beeswarm honeypot on Ubuntu 14.04 LTS

December 2, 2014

This is a tutorial on installing and using Beeswarm on a series of three Ubuntu Server 14.04 LTS systems, one acting as the Beeswarm server and the other two as Beeswarm drones. All systems are virtualized on VirtualBox servers. The Ubuntu systems are configured to automatically install software updates. The Beeswarm drones are each allocated 192 MB of RAM and 2.5 GB of disk space; the Beeswarm server is allocated 256 MB of RAM and 4 GB of disk space.

Updated: Links

December 2, 2014

New entries in the links section.





Updated: Resources

December 2, 2014

New entries in the resources section.





New Article: Firefox about:config privacy and security settings

November 4, 2014

Below are some configuration settings you may consider enabling in Mozilla Firefox in about:config for privacy and security reasons. This list is not meant to be exhaustive and generally does not list entries that can easily be set via the options or preferences menu. Some of these settings have a negative performance impact or remove functionality. Also keep in mind that the further you take your Firefox configuration away from the norm, the rarer your Firefox setup may become and therefore, ironically enough, the more identifiable your system may be (see https://panopticlick.eff.org/ for details). We therefore recommend reviewing the list below and setting those entries that make sense for your scenario.

New Article: Diskless true SSH honeypot using Alpine Linux

October 21, 2014

The goal of this article was to set up a honeypot that detects unauthorized SSH authentication attempts in order to identify IP addresses that are targeting SSH services. To achieve this, we set up a virtual system running Alpine Linux in diskless mode with OpenSSH active. In this mode the OS is installed in RAM only, and thus any data and configuration changes are lost upon a system restart. However, we take a snapshot of the system after configuring it so that it can be instantly recreated in the event of a power loss or system restart. The Alpine Linux system in turn is configured to send its SSH logs to AlienVault (OSSIM) for reporting and to generate actionable alerts.

Updated Article: Tcpdump usage examples

October 1, 2014

We have added a few new useful entries to the list.





Updated: Resources

September 22, 2014

New entries in the resources section.





Updated: Links

September 12, 2014

New entries in the links section.





Updated: Resources

August 6, 2014

New entries in the resources section.





Updated Article: List of commercial products that included malware

June 21, 2014

Article updated to include Star N9500 Android smartphones that come infected with the malware Android.Trojan.Uupay.D.





Updated: Links

May 31, 2014

New entries in the links section.





New Article: CentOS 6 VirtualBox Server

January 12, 2014

In this article we build a desktop system that will be used exclusively for running virtualized systems. The hardware consists of an ASRock Z87 Pro3 motherboard and an Intel i7-4770 CPU, with 32 GB of RAM installed. This specific motherboard was selected because it was known to support a standard installation of Linux without needing any tweaks, and also because it was listed as supporting VT-d in addition to VT-x.