Presentation video and slides from last week’s Security Weekly show, where I talked about Logstash in forensic investigations.
Category: Information Security
iptables Processing Flowchart (Updated Often)
I’ve created a flowchart that details the flow traffic takes through the various tables and chains of the Linux iptables firewall.
Blind iOS Device and Apple ID Discovery
After installing the latest iOS 7 updates on several of my Apple products, I discovered a feature that could also provide unintentional insight to users’ accounts. When composing a new iMessage, typing a few letters provides a list of matching entries from the system-wide address book. What I found most interesting was that contacts who… Continue reading Blind iOS Device and Apple ID Discovery
Permanently Ban Repeat Offenders With fail2ban (UPDATED)
The fail2ban suite is a very useful tool in the battle against brute force login attempts. Where it’s capabilities broke down for me, however, was in addressing repeat offenders. This post includes a configuration to permanently block repeat offenders using the iptables firewall.
Forward QNAP NAS Syslog Messages Through an SSL tunnel
This entry contains detailed steps on how to configure a QNAP NAS device to forward log messages via the network over an SSL-encrypted tunnel. All information here should be accurate, but I can’t guarantee there are no errors. I therefore wrap this entire entry in an “it works for me and I hope it also… Continue reading Forward QNAP NAS Syslog Messages Through an SSL tunnel
DoD Cyber Crime Conference 2012: A Recap
I was fortunate enough to attend this year’s DoD Cyber Crime Conference, in Atlanta, GA. While these events are always great opportunities to meet up with old friends, I also took away a lot of useful information on the current and evolving state of computer forensics and the greater information security community. Partially as a… Continue reading DoD Cyber Crime Conference 2012: A Recap