Bulk Update Security Onion Alerts

All of this was prior to the latest versions of Security Onion which now run inside docker instances. I’ve not yet looked to see how this would be replicated there. But I’m leaving this up for historical purposes. Security Onion is a fantastic Open Source IDS distribution created by Doug Burks and Security Onion Solutions. Per their own about page: Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management....

ncat Send and Receive Only

This week, I picked up the ncat series again and looked at broker mode for transferring files. In my example case, the file was just ASCII and was simple to examine to ensure that no stray bits of the transmission were accidentally stored in the output file. But what if the file had been an executable? Using the --recv-only and/or --send-only options ensures that a client or server doesn’t interject any stray packets into the network stream....

Using ncat in Broker Mode

I was looking through the various options for ncat and came across an option I hadn’t seen before: Broker mode. After reading through the examples, I learned that the --chat mode is really just a special mode of connection brokering. In ncat, “brokering” a connection allows multiple connections to the same listening instance, and takes the input from one connection and sends it as output to all the other connections....

How to Use miniLock - a Simple Way to Encrypt Files

I originally posted this entry on our family’s WordPress blog, back in 2015. I decided to update and repost the content here, since it’s still relevant and it fits better here anyway… miniLock is no longer actively maintained and is no longer recommended as an encryption option. There are lots of different ways to encrypt a file and today I want to cover one of the more obscure, and I believe more unique methods....

Donkeys and KPIs

I originally posted this entry on our family’s WordPress blog, back in 2013. I decided to repost here, since it’s still relevant and fits better here anyway… Recently, the NSA declassified 136 issues of their monthly internal publication, “Cryptolog”, and released them in PDF versions for public consumption. (alternate Cryptome archive) As a geek this was/is very exciting for me. Without a great deal of time to read through them, I decided to briefly peruse the edition published the month I was born (Volume V, No 3 – Yes I’m a young whippersnapper) and quickly moved to the article entitled “I had ‘Animal Crackers in my soup,’ but you’ve got a donkey in your WHAT?...