
Phil Hagen's Scratch Pad

How Not To Capitalize On A Security Compromise

By Phil Hagen On December 13, 2010 · 3 Comments · In Information Security
OK, Gawker got owned. We get it.  A family of major media sites suffered the data theft of an estimated 1.5 million user records (usernames and poorly-protected passwords), with unknown impacts beyond that.  They didn’t notify users in a very timely fashion, and there is an air of “too little, too late” around their response [...]
Popular Posts

  • Permanently Ban Repeat Offenders With fail2ban (UPDATED)
    The fail2ban suite is a very useful tool in the battle against brute force login attempts. Where its capabilities broke down for me, however, was in addressing repeat offenders. This post includes a configuration to permanently block repeat offenders using the iptables firewall.
  • iptables Processing Flowchart (Updated Often)
    I've created a flowchart that details the flow traffic takes through the various tables and chains of the Linux iptables firewall.
  • Comcast Sets Customers Up as Phishing Targets
    Today I received an e-mail message from Comcast extolling the [...]
  • Logstash: BFD (Big Forensic Data)
    Presentation video and slides from last week's Security Weekly show, where I talked about Logstash in forensic investigations.

Recent Posts

  • CDN, TLS, and WordPress - Oh My!
    This is a post that details how, after a great [...]
  • Logstash: BFD (Big Forensic Data)
    Presentation video and slides from last week's Security Weekly show, where I talked about Logstash in forensic investigations.
  • Slides from SANS @Night, Bangalore India
    I really enjoyed giving a SANS @Night talk in Bangalore, [...]
  • iptables Processing Flowchart (Updated Often)
    I've created a flowchart that details the flow traffic takes through the various tables and chains of the Linux iptables firewall.
