May 26, 2016

Enable Native SSL for barnyard2

I recently had to do some reconfiguration of an intrusion detection system (IDS) that used barnyard2 to parse unified2 output from Suricata and insert the data into a remote MySQL database. The system was previously configured to use ssh tunnels to encrypt all traffic. These tunnels were kept alive with autossh, but this configuration needed a lot of care and feeding due to hiccups in the network. Due to the continual issues with the autossh tunnels, I decided to get rid of the ssh tunnels and simply enable native SSL for barnyard2. Unfortunately, this was a bit more time consuming than initially […]
October 21, 2015

Domain Registrar from GoDaddy to Google Domains

The other day GoDaddy started spamming me with notices that a domain, not this one, was going to expire. I looked into the cost of renewal with GoDaddy and was surprised to find that it was $27/yr with no discounts for multi-year renewals. Registering a new domain with GoDaddy is only $2.99 plus another $7.99 for private registration ($10.98 total). This was so nuts that I even opened a chat with GoDaddy’s sales team to inquire about specials. No deal. $27/yr. was all they had to offer. I knew Google started a domain registration site recently so I thought I’d check […]
October 4, 2015

Adding HTTPS to GoDaddy WordPress via CloudFlare

While chatting with some colleagues this past week, I realized that I was running this WordPress blog completely over HTTP, including the login page. Ugh, security fail. A quick Google search revealed that GoDaddy managed WordPress sites do not enable any SSL/TLS by default, even with a self-signed or shared certificate. This is important because anyone capturing network traffic will be able to view the login information to your site in cleartext. This means an attacker is able to log in to your WordPress site as you and do whatever they please. Today I went on a search to see how […]
February 21, 2015

GRR Rapid Response Server Build Out

I’ve been spending a significant amount of time looking at endpoint solutions recently. My goal is to have an IR Swiss Army Knife and hunting platform as well as a tool that can perform random ad-hoc queries when the latest cyber crisis hits. There are a lot of tools out there that can do bits and pieces of this, and a few less that can do pretty much everything…but they cost a fortune. In this post I’ll discuss my experiences so far with a GRR Rapid Response Server Build Out. I stumbled upon GRR a while back and have played […]