Joel Esler, Sourcefire, Snort, Immunet, ClamAV, Apple, and Network Security. This is my blog.
Friday, May 27
I put this blog entry up over on the Snort.org blog this morning. Figured it might help people answer some questions. Check it out.
http://blog.snort.org/2011/05/resolving-flowbit-dependancies.html
Please leave comments below.
Tuesday, November 30
Sorry for the lack of posts, I've been particularly busy.
Been pretty busy lately with my two full-time day jobs at Sourcefire. The good news is, if you are a Snort user, that I am working on a lot of things that will not only make our community better, but improve how Sourcefire interacts with that community and allow us to move forward in a more progressive manner.
Aside from Sourcefire/Snort stuff, the shop that is restoring my Mustang is almost done (should get it back this week, and when I do, I'll post pics). I'm working on the shop's website too (as the old one needed some TLC). I got with the owner and we decided to redo the whole thing, so I am doing that in my spare time as well.
Thank you Squarespace!
Also working on another website that I am tightening up a bit (aside from tightening up Snort.org a bit as well) for another company (car alarm company) that I do a bit of consulting/marketing for. So, it feels like I am buried in HTML lately.
On top of all of that, my son is doing well, my daughter is awesome, and my wife's grandmother died this past week, so we are all dealing with that as well.
Busy Busy Busy. Stay tuned. I've got a few posts lined up for the pipeline for not only this blog but for another blog I am starting, so when that all comes together, stay tuned!
Sunday, November 21
Building an HTML5 Drag & Drop File Uploader Using Sinatra and jQuery: Part 1
Building an HTML5 Drag & Drop File Uploader Using Sinatra and jQuery: Part 1 • Caffeine • Onehub.
Just an interesting post I'd like to draw attention to. Give it a read. This could have some application in security.
Part 2:
http://onehub.com/blog/posts/designing-a-drag-drop-experience-for-the-web/
Tuesday, May 25
Mark Zuckerberg - From Facebook, answering privacy concerns with new settings
Mark Zuckerberg, in an article on WashingtonPost.com, answers some of the privacy accusations that have been thrown in his direction about Facebook. It reads like PR copy, so take it for what it's worth, but at least he came out and said something about it.
Kudos to him for at least acknowledging it.
Mark Zuckerberg - From Facebook, answering privacy concerns with new settings.
Monday, May 24
Top 10 Privacy Tweaks You Should Know About
Along the lines of my Facebook post that I put up on Saturday, I found this article (linked below) over on Lifehacker.
Top 10 Privacy Tweaks You Should Know About.
Wednesday, May 19
Metasploit 3.4.0 Framework is released
Here is a link to the Metasploit 3.4.0 Framework release notes. I'm not going to summarize them for you because there are a ton of points in the release notes.
Check it out below.
Metasploit Framework - Release Notes 34 - Metasploit Redmine Interface.
6 Tech Certifications That Will Get You Hired as a Security Pro
I'm not a gigantic fan of Security Certifications, but this is interesting, as it allows you to know your audience, and it allows the audience to know what to look for.
Why am I not a Gigantic Fan of Certifications?
- Anything that can be bootcamp'ed is worthless.
- Anything where all the answers can be found in the book for the classware, and you are allowed to take the classware book with you to the test, is worthless.
- Anything that does not require a practical exam (either written or physically typing something) is worthless. Which is why I am a slightly larger fan of the Gold GIAC certifications, as they require you to write a practical. Or the harder Cisco ones, or the Red Hat exams.
Personally I'd rather hire someone that can do the job, do it well, and if they don't know the answer, know where to find it.
6 Tech Certifications That Will Get You Hired as a Security Pro | ITBusinessEdge.com.
Wednesday, May 5
Chrome 5 is freaking fast.
I've been using Chrome since it came out for the Mac awhile back, off and on, and staying current with the beta builds. However, this build that came out yesterday is AMAZING.
Chrome 5, as a result of some "tuning" they have been doing with the Chrome rendering and JavaScript engines, is noticeably faster. There are some lovely bar graphs on Google's blog here. But, stupid graphs aside, I've noticed a difference this morning when loading my regular webpages (my Gmail page, my Gmail calendar, my me.com account, etc.). Anything that can load the whole me.com interface in about 2 seconds is a freaking fast browser.
Nice job on this one Google.
To the readers: If you have the ability to check it out, do so. It's pretty impressive.
Tuesday, May 4
Internet Explorer web browser use drops below 60%
Now remember that these aren't specifically browsers; these are representations of rendering engines. IE's rendering engine is called Trident, Firefox's is called Gecko, etc. So it's interesting that IE is falling. Yes, it's still built into every Windows machine, but the alternative browsers are gaining market there as well. Look at Firefox: it's up a bit, but the one with the biggest uptick is WebKit. WebKit is the rendering engine behind Safari (Mac's browser), Chrome (Google's browser), Android's browser, the iPhone browser, and the iPad browser.
Now, I don't know if they counted mobile browsers in this mix (iPhone, iPod, and iPad), but it's an interesting graph nonetheless.
AppleInsider | Internet Explorer web browser use drops below 60%.
Monday, April 26
Snort 2.8.6 is released!
[*] New Additions
   * HTTP Inspect now splits requests into 5 components -
     Method, URI, Header (non-cookie), Cookies, Body.
     Content and PCRE rule options can now search one or more of these buffers.
     HTTP server-specific configurations to normalize the HTTP header and/or cookies have been added.
     Support gzip decompression across multiple packets.
   * Added a Sensitive Data preprocessor, which performs detection of Personally Identifiable Information (PII). A new rule option is available to define new PII. See README.sensitive_data and the Snort Manual for configuration details.
   * Added a new pattern matcher and related configurations. The new pattern matcher is optimized to use less memory and perform at AC speed.
[*] Improvements
   * Addressed problem to resolve output obfuscation affecting packets when Snort is inline.
   * Preprocessors with memcap settings can now be configured in a "disabled" state. This allows you to configure that memcap globally, but only enable the preprocessor in targeted configurations.
Go to http://www.snort.org to download the latest release! I have two more posts that will be coming out later today with further updates, so make sure you read those as well. Also, make sure you read the VRT blog for further information: http://vrt-sourcefire.blogspot.com
Wednesday, March 31
Fiber Economics — Dave Troy
Fiber Economics — Dave Troy: Fueled By Randomness.
Darn good article by Dave Troy, a businessman out of Baltimore, MD. He explains Verizon and Comcast, the two biggest players in Internet access (in terms of "innovation"), and how Google's Fiber ambitions play into that.
Thanks @awilliams for the pointer to that one.
Tuesday, March 23
Some notes on “making Snort go fast under Linux”
Work Together For The Benefit Of All ManKind… » Some notes on “making Snort go fast under Linux”.
Read the above link if you are interested in Snort. Author Edward Fjellskål does a nice job of explaining some really tricky details of optimizing Snort, including little tweaks about how to optimize the kernel.
Take a look, nice post Edward.
Indian military to weaponize world's hottest chili
My Way News - Indian military to weaponize world's hottest chili.
Read the above article. This is a great use for food as a weapon. Hurt? Yes. Lethal? Probably not. Immobilizing? Heck yes.
Sunday, March 21
Inbox Zero is fail? Wrong.
Alyssa Gregory, blogger at sitepoint, clearly doesn't get it.
It = Inbox Zero. She says it can't be done.
Merlin Mann, the de-facto creator of Inbox Zero offered a nice rebuttal, basically saying, "you clearly don't get it."
Then, Alyssa writes another post, basically saying "Uh, yeah, it still won't work."
Of course, this isn't my fight, it's Merlin's. However, as a devout follower of Inbox Zero, relying on it constantly as my day in and day out way of staying sane, I offered this rebuttal, which is basically my feelings about email. (Which I doubt she'll post, but whatever.) Here it is.
Merlin, you are still the man.
I believe you are still missing the point. The point in Inbox Zero is to become a “decider” and a “do-er” instead of an email processor. You receive email, you make a decision about its purpose, either A) Respond right now if it takes less than 2 minutes, B) If it takes longer than two minutes, put it into a folder to reply later, C) Make a TODO to DO the thing that is in the email, and save the email, or D) Delete it.
Is the email that is sitting in my inbox right now, that I am staring at, actionable? Do I need to physically do something with the information that is in front of me? Yes? Make a to-do to do it, then DO it. No? Either file it, or delete it.
Follow this process until you hit ZERO emails in your inbox.
Then CLOSE your email. CLOSE it. And go DO the things that you made todo’s to, do.
Even if those todo’s involve answering the email that you put into a folder under “B”, you need to DO them. Only check email about twice or three times a day, and you will be much more productive.
The point in Inbox zero is to process to ZERO, then CLOSE the inbox for the time being and GO CREATE. GO CREATE YOUR WORK BEING DONE.
Then, later, open it back up.
Wednesday, March 17
Hey Microsoft, Don't F*ck Up Windows Phone 7
Hey Microsoft, Don't F*ck Up Windows Phone 7 - Windows phone 7 - Gizmodo.
A funny post over on Gizmodo detailing how, apparently, Microsoft has put out a couple changes to Windows Phone Mobile 7. (What is it with Microsoft and the number 7 all of a sudden? Unified messaging?)
Apparently Microsoft is going to do two things wrong..
- No multitasking
- No Copy and Paste
As for Multitasking, the iPhone doesn't have it "ish". (Mail and various other "Apple only" apps can run in the background). However, the rumor is that iPhone 4.0 will have multitasking. So Microsoft, instead of trying to get ahead of the curve, you are going to be at least 3 years behind in copying Apple? Seriously? Way to step up the innovation there guys.
Copy and Paste.. Well, the iPhone didn't have it until iPhone 3.0, and a shitton of people bought iPhones too. Not that many will buy Windows Mobile 7 devices, but still...
How can you not put copy and paste in it, when (as the author of the Gizmodo article says) the phone you are trying to compete with (the iPhone) already has it!?
Stellar, Microsoft, way to win. Whatever, I wouldn't buy it anyway.
Tuesday, March 16
VRT: The New Disclosure Debate and the Evil Mr. Moore
VRT: The New Disclosure Debate and the Evil Mr. Moore.
I am not trying to get into the business of reblogging Sourcefire VRT's blog entries, but I blog things that I think are interesting, or that I think my readers will find interesting and hopefully debate. I think this is yet, ANOTHER insanely great article by Mr. Matt Olney. Please click the link above and read it!
Wednesday, March 10
Funny ‘Hacker’ Story
Funny ‘Hacker’ Story.
A funny story about a hacker named "bitchchecker", proving his mad skills by attacking someone on the Internet.
Using the IP: 127.0.0.1
Watch out for this guy.
Tuesday, March 9
VRT: APT: Should your panties be in a bunch, and how do you un-bunch them?
VRT: APT: Should your panties be in a bunch, and how do you un-bunch them?.
I don't know how to say it anymore than this:
Matt Olney wrote a damn, a DAMN good post about APT on the VRT blog, and if you read my blog, and you don't go over to the VRT blog and read that post.. Heck I don't care if you don't read another post by the VRT that they have written in the past (although, you SHOULD! They put a LOT of time into their posts!) you should read this one.
Matt, whom I play Xbox with nearly every night, talk to on a regular basis, and consider to be my friend.. I just wanted to let you know, seriously...
Damn fine job sir.
10 reasons to avoid talking on the phone
10 reasons to avoid talking on the phone - The Oatmeal.
This is an awesome comic, pretty much sums up talking on the phone correctly.
Click through, it's awesome.

