On Tue, Jun 11, 2013 at 8:39 AM, Bernhard Schmidt be...@birkenwald.de wrote:
we have been getting reports lately about unsecured UDP chargen servers
in our network being abused for reflection attacks with spoofed sources
Anyone else seeing that? Anyone who can think of a legitimate use of
This is basically untrue. I can deal with a good rant as long as there's
some value in it. As it is (I'm sorta sorry) I picked this apart.
On Jun 12, 2013 12:04 AM, Ricky Beam jfb...@gmail.com wrote:
On Tue, 11 Jun 2013 22:55:12 -0400, valdis.kletni...@vt.edu wrote:
But seriously, how do
On 6/12/13, shawn wilson ag4ve...@gmail.com wrote:
This is basically untrue. I can deal with a good rant as long as there's
some value in it. As it is (I'm sorta sorry) I picked this apart.
On Jun 12, 2013 12:04 AM, Ricky Beam jfb...@gmail.com wrote:
On Tue, 11 Jun 2013 22:55:12 -0400,
On Wed, Jun 12, 2013 at 4:51 AM, Jimmy Hess mysi...@gmail.com wrote:
On 6/12/13, shawn wilson ag4ve...@gmail.com wrote:
The scope is constantly changing.
Not really. The old tricks are the best tricks. And when a default install
By best, you must mean effective against the greatest number of
Do you have any actual evidence that a .edu of (say) 2K employees
is statistically *measurably* less secure than a .com of 2K employees?
We're sorta lookin' at one now.
But seriously, how do you measure one's security?
In ounces, unless it's a European university, in which case you use
On 6/12/13, Joel M Snyder joel.sny...@opus1.com wrote:
But seriously, how do you measure one's security?
In ounces, unless it's a European university, in which case you use
liters. Older systems of measuring security involving mass (pounds and
kilos) have been deprecated, and you should not
I'm going to bypass the academic vs. non-academic security argument
because I've worked everywhere, and from a security viewpoint, there
is plenty of fail to go around.
On Tue, Jun 11, 2013 at 09:37:04PM -0400, Ricky Beam wrote:
I run a default deny
policy... if nothing asked for it, it doesn't
On Wed, Jun 12, 2013 at 11:17 AM, shawn wilson ag4ve...@gmail.com wrote:
Banks and insurance companies supposedly have some interesting actuarial
data on this.
Do you know of any publicly available sources?
thanks,
aaron
I thought the modern measure was hours and dollars wasted... Err I mean
spent.
Nick
On Jun 12, 2013 5:21 AM, Joel M Snyder joel.sny...@opus1.com wrote:
Do you have any actual evidence that a .edu of (say) 2K employees
is statistically *measurably* less secure than a .com of 2K employees?
On Wed, Jun 12, 2013 at 7:14 AM, Aaron Glenn aaron.gl...@gmail.com wrote:
On Wed, Jun 12, 2013 at 11:17 AM, shawn wilson ag4ve...@gmail.com wrote:
Banks and insurance companies supposedly have some interesting actuarial
data on this.
Do you know of any publicly available sources?
I
Getting back to the topic. I just saw quite a few of our hosts scanned
for this by 192.111.155.106 which doesn't say much on its own as
http://dacentec.com/ is a hosting company.
On Tue, Jun 11, 2013 at 11:27 PM, Ricky Beam jfb...@gmail.com wrote:
On Tue, 11 Jun 2013 22:52:52 -0400, Jimmy Hess
Hi,
as I understand, ARIN whois database does not contain route objects,
which are used for example in RIPE region for automatic BGP prefix
filter generation. How does this work in ARIN region? I know that at
least some ISP's operating in ARIN region use their own whois
databases(for example
On 2013-06-12, at 13:38, Martin T m4rtn...@gmail.com wrote:
as I understand, ARIN whois database does not contain route objects,
which are used for example in RIPE region for automatic BGP prefix
filter generation.
whois.arin.net:43 is for assignment/allocation information. Does not use
On Tue, 11 Jun 2013 19:52:02 -0400
Ricky Beam jfb...@gmail.com wrote:
All of the above plus very poorly managed network / network
security. (sadly a Given(tm) for anything ending dot-e-d-u.)
That broad sweeping characterization, without any evidence, can be
as casually dismissed without
Let's see:
Requires always-on internet connection
Only available with Kinect
Includes infrared sensor
Manufactured by Microsoft, the first company to sign up for Prism
When can I get my Xbox One??
http://www.nbcnews.com/technology/new-kinect-can-track-you-so-well-you-may-not-6C10287970
On
There is no way they could have paid for all the Splunk licensing costs
which the budget quoted before
On 9 June 2013 18:42, Daniel Rohan dro...@gmail.com wrote:
Anyone else notice that the Boundless Informant GUI looks suspiciously like
the Splunk GUI?
And according to the article, it
Speaking of Splunk; is that really the tool of choice?
On Wed, Jun 12, 2013 at 5:46 PM, Bacon Zombie baconzom...@gmail.com wrote:
There is no way they could have paid for all the Splunk licensing costs
which the budget quoted before
On 9 June 2013 18:42, Daniel Rohan dro...@gmail.com
It would make sense. It's a friggin' sick syslog analyzer. Expensive
as hell, but awesome.
On Wed, Jun 12, 2013 at 4:55 PM, Phil Fagan philfa...@gmail.com wrote:
Speaking of Splunk; is that really the tool of choice?
On Wed, Jun 12, 2013 at 5:46 PM, Bacon Zombie baconzom...@gmail.com wrote:
On 6/12/2013 7:59 PM, Mike Hale wrote:
It would make sense. It's a friggin' sick syslog analyzer. Expensive
as hell, but awesome.
Compare it to most any other SIEM (ArcSight?) and it's a bargain.
But still, yeah.
Jeff
--- eyeronic.des...@gmail.com wrote:
From: Mike Hale eyeronic.des...@gmail.com
Splunk
It would make sense. It's a friggin' sick syslog analyzer. Expensive
as hell, but awesome.
--
So is tail -f /var/log/router.log | egrep -v
And a basic front-end and you're in business!!
On Jun 12, 2013 6:15 PM, Scott Weeks sur...@mauigateway.com wrote:
--- eyeronic.des...@gmail.com wrote:
From: Mike Hale eyeronic.des...@gmail.com
Splunk
It would make sense. It's a friggin' sick syslog analyzer. Expensive
as hell, but
On 06/12/2013 05:13 PM, Scott Weeks wrote:
cat /var/log/router.log | egrep -v 'term1|term2|term3' | less
Prototypical useless use of cat :)
--- do...@dougbarton.us wrote:
From: Doug Barton do...@dougbarton.us
On 06/12/2013 05:13 PM, Scott Weeks wrote:
cat /var/log/router.log | egrep -v 'term1|term2|term3' | less
Prototypical useless use of cat :)
-
What would you use and
On Jun 12, 2013, at 9:01 PM, Scott Weeks sur...@mauigateway.com wrote:
--- do...@dougbarton.us wrote:
From: Doug Barton do...@dougbarton.us
On 06/12/2013 05:13 PM, Scott Weeks wrote:
cat /var/log/router.log | egrep -v 'term1|term2|term3' | less
Prototypical useless use of cat :)
On 2013-06-12, Phil Fagan philfa...@gmail.com sent:
Speaking of Splunk; is that really the tool of choice?
I've been hearing a lot of good things about logstash these days
too, if you prefer the open source route.
http://logstash.net/
--
Chip Marshall c...@2bithacker.net
On Thu, 13 Jun 2013 00:46:27 +0100, Bacon Zombie said:
There is no way they could have paid for all the Splunk licensing costs
which the budget quoted before
That's assuming they paid full list price.
Ask the ex-CEO of Qwest what happens if you try to turn down an
offer the NSA makes you. :)
On Wed, Jun 12, 2013 at 6:30 PM, valdis.kletni...@vt.edu wrote:
Ask the ex-CEO of Qwest what happens if you try to turn down an
offer the NSA makes you. :)
+1
- ferg
--
Fergie, a.k.a. Paul Ferguson
fergdawgster(at)gmail.com
Logstash and Splunk are both wonderful, in my experience.
What sets them apart from just a plain grep(1) is that they build an
index that points keywords to logging events (lines).
What if you're looking for events related to a specific interface or LSP?
Not a problem with a modest log
Decent frontend... hmm...
grep --color
Monies please!
Phil Fagan philfa...@gmail.com wrote:
And a basic front-end and you're in business!!
On Jun 12, 2013 6:15 PM, Scott Weeks sur...@mauigateway.com wrote:
--- eyeronic.des...@gmail.com wrote:
From: Mike Hale eyeronic.des...@gmail.com
Also check out kibana.org for a rather Splunk-like experience.
Chip Marshall c...@2bithacker.net wrote:
On 2013-06-12, Phil Fagan philfa...@gmail.com sent:
Speaking of Splunk; is that really the tool of choice?
I've been hearing a lot of good things about logstash these days
too, if you prefer