Using Snort on a PCAP file
Grabbing tcpdump output during a crisis can be hard to remember. Ideally, snort is running as a service inline or at least continually. Sometimes things hap...
I have a bash script that is being called multiple times instead of once. I need to track down where it is being called from.
Launching a SYN flood. Everyone knows DDoS attacks happen, and of these, SYN floods may be the simplest for attackers to organize. As a defender you don’t want...
SRE: “When does it need to be done?” PM: “Next week at the latest.” SRE: “OK, we spend from now to next week working on a time machine. If we ha...
So name.com was hacked and deviantart.com was one of the credentials dumped from their DB. How do I know? Name.com Tells Customers To Change Password Due To...
This configuration is Cisco based but JunOS isn’t too far of a stretch in my experience. First off: you need your ASN. You need your address block. Your add...
I remember hearing a lot of conflicting information about BGP when I first started doing network admin stuff. A lot of the time BGP is part of an HA strategy and...