Guides News (18 Posts)

<< Next - First . 1 2

How to setup PIWIK to track visitors' downloads

#101 - Posted on 28 March 2015 - Author: SM - Category: Guides, Security

PIWIK is a an amazing Open-Source Web Analytics platform which is a good alternative to http://www.google.com/analytics/ as it provides full control to your data and more details (i.e.: full IP addresses).
You have 3x hosting options:

  • Use their cloud service. (More info here)
  • Host it yourself online: at the back of your web server or on a different/dedicated server. (More info here)
  • Host it offline, and manually import your apache logs. (More info here )

    • The advantage of hosting it online is that you can use a php/javascript trackers within your web pages producing more information on your visitors (screen resolution, plugins, etc)
    It also allows you to do certain "tricks", such as tracking who downloads a specific image as ...
    >>[READ MORE]

    How to setup Security Onion on a home network with Splunk, email alerts and some basic tuning

    #100 - Posted on 23 March 2015 - Author: SM - Category: Guides, IDS, Security

    Entry Last updated on the 11th of May 2015
    a PDF version is also available to download here

    Security Onion (SO) is a great open source project created by Doug Burks.
    It is a Linux Distribution based on Ubuntu and bundled/configured with all the tools you need to get a powerful, and free, Network Security Monitoring system (NSM). It can be used to monitor your network traffic for suspicious activities and malware.

    This guide is aimed at people who quickly want to get started with SO with the following basic functionalities:
  • Getting an understanding of what Network and Server setup are required
  • Going through a basic SO installation
  • Getting basic understanding on how to tune Snort and remove false positives
  • Getting regular reports and speci
    • ...
    >>[READ MORE]

    Fix for compiling VMwaretools 9.9.2 on kernel 3_18+

    #99 - Posted on 15 March 2015 - Author: SM - Category: Guides, Security

    We recently encountered some errors when trying to recompile the VMwaretools on Kali (kernel 3.18) and Security Onion (Kernel 3.2):

  • error: implicit declaration of function ‘smp_mb__after_clear_bit’
  • error: ‘struct dentry’ has no member named ‘d_alias’

    Those errors meant it was not possible to share files between the Host OS and the virtual machines, as compilation was failing in the vmhgfs-only directory.

    Below are a set of instructions to fix those issues.
    Please note the following was Tested with VMwaretools-9.9.2-2496486.tar.gz, and you need to do this as "root"
  • In Fusion/VMWare select reinstall VMwaretools - This will mount a virtual VMWare CDROM
  • Go to that CDROM and copy the VMwaretools tar.gz file onto your /tmp directory.
  • Unmount the CDROM (you may not need to do this, but we did have have issue once with the CDROM still mounted).
  • Uncompress the tar.gz file using "tar xvzf"
  • Go to /tmp/vmwa
    • ...
    >>[READ MORE]

    Apple Security in the Enterprise

    #91 - Posted on 3 February 2014 - Author: SM - Category: Guides

    There is a good document from the UK government describing the different security features available in Apple Mac OS X 10.8 and the ones you should consider if using a Mac as an enterprise end point:

    OS X 10.8 UK Gov security guidance document.

    In light of all the noise created by the NSA and GCHQ surveillance programs you might be tempted to dismiss governments’ position and view when it comes to IT Security. However,I found that document quite good and high level enough to be understood by mid-level management at least :)

    They do refer to an MDM solution for some of the controls without specifying which one, so I assume they are referring to a OS X Server Profile Management solution as described by Apple HER...
    >>[READ MORE]

    A story about Password: The Wrong Formula

    #84 - Posted on 29 March 2013 - Author: SM - Category: Guides, Security

    In this article I will first talk about some misconceptions regarding what is considered a secure password and then about how you can leverage different technologies to help protect your different credentials.

    In the past few years there has been a sharp increase in websites being hacked and their users’ passwords/hashes stolen, in parallel we are using online services for almost everything: to pay for your local pizzeria delivery or your electricity bill, access your bank account, connect to your work email, etc.

    The common advice is to use different passwords for each site you register to, but most people don’t. It means that hackers can often reuse credentials they obtained on one website to access another.

    One way to counter that risk would be to use some kind of formula so you remember a different password for each site you have registered to. This *could* be the best solution, as remembering a password formula means you do not have to write it do...
    >>[READ MORE]

    New Dropbox Issues and a work around

    #48 - Posted on 18 August 2011 - Author: SM - Category: Security, Guides

    More issues have been found with Dropbox, they were major issues and the researchers worked with the vendor to fix them before going public.
    Although they are now fixed they highlight the time bomb Dropbox is for enterprise users as usage convenience and security risk ignorance means sensitive information is likely to be transferred centrally on Dropbox from many different companies and user profiles.

    The 3 security issues discussed in the this article were:
    – Hash value spoofing to access other customer’s data
    – Stealing Dropbox hostID to access other customer’s data
    – Potential replay attack when providing other customer’s data hash combined with any valid host ID (i.e.: the attacker’s host ID) to get access to the corresponding data.

    One key point made in the article is ...
    >>[READ MORE]

    SANS Ondemand Training course: A few Tips

    #38 - Posted on 21 April 2011 - Author: SM - Category: Conferences, Guides

    I went to a SANS Forensic course (508) last year and a few weeks ago I decided to try something new… to stay at home and dedicate 5 days to do their Ethical Wireless Hacking training course (617).

    Let me first say that the 617 training course was really good, the author of the course and the recordings were made by Joshua Wright who runs the http://www.willhackforsushi.com blog. He is very knowledgeable and his enthusiasm was even contagious through audio only. In fact this is a huge understatement! I was truly amazed by his skills, stories and training delivery!
    So much that for 7 days I was up at 9am and worked until 2am each day on the different content material covered by the course.

    As I almost lost my sanity and started dreaming of ToDS/FromDS bits and fuzzing I thought I would share a few tips on this type of training course.

    – Check the last time the course was updated, and if there is an upco...
    >>[READ MORE]

    DoD Windows OS Security guides

    #11 - Posted on 10 September 2010 - Author: SM - Category: Guides, Security

    I have recently came across that Department of Defence website where they provide free and unclassified Windows Security Guides. From Windows 2000 to windows 7, they provide a set of checklist and “STIG” which stands for Security Technical Implementation Guides.

    Having only checked the Windows 7 “STIG”, I found it a useful resource when one can get some ideas on how to secure/validate a windows 7 server configuration.

    http://iase.disa.mil/stigs/content_pages/windows_os_security.html

    ...
    >>[READ MORE]