Bulk Update Security Onion Alerts

All of this was prior to the latest versions of Security Onion which now run inside docker instances. I’ve not yet looked to see how this would be replicated there. But I’m leaving this up for historical purposes. Security Onion is a fantastic Open Source IDS distribution created by Doug Burks and Security Onion Solutions. Per their own about page: Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. ...

Filtering Home Internet with Circle

Meet Circle from Disney. According to Disney, using Circle you can “manage all of your home’s connected devices” and “parents can filter content, limit screen time and set a bedtime for every device in the home.” Circle is an extremely easy and simple to use home web filter, and one which is at least relatively effective with time controls, since I can hear my kids groan every time their allotted time has been spent. ...

ncat Send and Receive Only

This week, I picked up the ncat series again and looked at broker mode for transferring files. In my example case, the file was just ASCII and was simple to examine to ensure that no stray bits of the transmission were accidentally stored in the output file. But what if the file had been an executable? Using the --recv-only and/or --send-only options ensures that a client or server doesn’t interject any stray packets into the network stream. ...

Using ncat in Broker Mode

I was looking through the various options for ncat and came across an option I hadn’t seen before: Broker mode. After reading through the examples, I learned that the --chat mode is really just a special mode of connection brokering. In ncat, “brokering” a connection allows multiple connections to the same listening instance, and takes the input from one connection and sends it as output to all the other connections. The ncat chat server adds labels to who said what to help keep the confusion down, but in every other way, it is simply a brokered connection. ...

How to Use miniLock - a Simple Way to Encrypt Files

I originally posted this entry on our family’s WordPress blog, back in 2015. I decided to update and repost the content here, since it’s still relevant and it fits better here anyway… miniLock is no longer actively maintained and is no longer recommended as an encryption option. There are lots of different ways to encrypt a file and today I want to cover one of the more obscure and, I believe, more unique methods. ...