Serving Directory Index Files With CloudFront Functions

I recently migrated from hosting this site on Gitlab pages (still an excellent option, BTW) to hosting on AWS S3 via CloudFront. This solution isn’t cheaper, but I’ve been working on AWS concepts of late and thought this would be a good exercise - and I was right! :-) I expect to write more about what I learned in that exercise, but I wanted to start with the problem of directory index files, since this solution didn’t come up often in my search for solutions....

Getting Started in Security

I meet IT folks fairly frequently who want to know how to get started in Security. But Security is a huge field! What kind of security are you interested in? Or what kind of Security do you think you’re interested in? And how do you find out? Disclaimer: Personally, I’m biased toward not starting in Security, but starting in System Administration or Network Administration or development or…. The reason is that if you haven’t actually spent time running an IT shop, you won’t really have an idea of what you’re defending or the balance between keeping things running smoothly and patching (for example)....

Whitelisting IPs in OSSEC

All of this was prior to the latest versions of Security Onion which now run inside docker instances. I’ve not yet looked to see how this would be replicated there. But I’m leaving this up for historical purposes. Another tool in the arsenal of Security Onion is OSSEC, a “scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS).” OSSEC examines log and alert events and correlates them against pre-built (or custom) rules and sends alerts as configured....

Security Onion - Validating EXE/DLL Download Alerts

All of this was prior to the latest versions of Security Onion which now run inside docker instances. I’ve not yet looked to see how this would be replicated there. But I’m leaving this up for historical purposes. As I’ve mentioned before, Security Onion is a fantastic network security-focused Linux distribution which can monitor your network and/or hosts for malicious activity. The Onion can run Snort or Suricata as a network IDS, and it can also run Bro (now Zeek) alongside those traditional IDS engines to add another layer of intelligence....

Using ncat in Broker Mode

I was looking through the various options for ncat and came across an option I hadn’t seen before: Broker mode. After reading through the examples, I learned that the --chat mode is really just a special mode of connection brokering. In ncat, “brokering” a connection allows multiple connections to the same listening instance, and takes the input from one connection and sends it as output to all the other connections....