Phil Hagen's Scratch Pad

Logstash: BFD (Big Forensic Data)

By Phil Hagen On December 10, 2014 · 21 Comments · In Computer Forensics, Information Security

By Phil Hagen On September 25, 2014 · Add Comment · In Computer Forensics

By Phil Hagen On March 7, 2014 · Add Comment · In Computer Forensics

By Phil Hagen On March 20, 2013 · 1 Comment · In Computer Forensics

By Phil Hagen On January 30, 2012 · 1 Comment · In Computer Forensics, Information Security

By Phil Hagen On January 30, 2012 · Add Comment · In Computer Forensics, Crosspost

Permanently Ban Repeat Offenders With fail2ban (UPDATED)The fail2ban suite is a very useful tool in the battle against brute force login attempts. Where it's capabilities broke down for me, however, was in addressing repeat offenders. This post includes a configuration to permanently block repeat offenders using the iptables firewall.
Comcast Sets Customers Up as Phishing TargetsToday I received an e-mail message from Comcast extolling the [...]
Logstash: BFD (Big Forensic Data)Presentation video and slides from last week's Security Weekly show, where I talked about Logstash in forensic investigations.
iptables Processing FlowchartI've created a flowchart that details the flow traffic takes through the various tables and chains of the Linux iptables firewall.

Logstash: BFD (Big Forensic Data)Presentation video and slides from last week's Security Weekly show, where I talked about Logstash in forensic investigations.
Slides from SANS @Night, Bangalore IndiaI really enjoyed giving a SANS @Night talk in Bangalore, [...]
iptables Processing FlowchartI've created a flowchart that details the flow traffic takes through the various tables and chains of the Linux iptables firewall.
Slides from SANS @Night: There's GOLD in Them Thar Package Management DatabasesI still need to pull the commands out of this [...]