101010.pl

K. Reid Wightman :verified: 🌻 :donor:My talk from the S4x25 conference is up! I learned a bunch of lessons over the years from writing IDS rules (some good, some bad). A few lessons learned are in the talk, along with links to a github repo that contains pcaps, rules, and explanations of said rules, so that you can follow along at home: <a href="https://www.youtube.com/watch?v=LYDk-tkM3eM" rel="nofollow noopener" translate="no" target="_blank">https://www.youtube.com/watch?v=LYDk-tkM3eM</a> <a href="https://infosec.exchange/tags/pcaps" class="mention hashtag" rel="nofollow noopener" target="_blank">#pcaps</a> <a href="https://infosec.exchange/tags/suricata" class="mention hashtag" rel="nofollow noopener" target="_blank">#suricata</a> <a href="https://infosec.exchange/tags/snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#snort</a>

Nicolas MouartDo you know if anyone has tried to make a -working- homemade DIY -IPS- with Snort or Suricata that would use the NPU capabilities of the RK3588 for pattern matching and succeed? An inline Pi-Hole basically..<a href="https://mastodon.social/tags/SBC" class="mention hashtag" rel="nofollow noopener" target="_blank">#SBC</a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://mastodon.social/tags/rk3588" class="mention hashtag" rel="nofollow noopener" target="_blank">#rk3588</a> <a href="https://mastodon.social/tags/IPS" class="mention hashtag" rel="nofollow noopener" target="_blank">#IPS</a> <a href="https://mastodon.social/tags/pihole" class="mention hashtag" rel="nofollow noopener" target="_blank">#pihole</a> <a href="https://mastodon.social/tags/snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#snort</a> <a href="https://mastodon.social/tags/suricata" class="mention hashtag" rel="nofollow noopener" target="_blank">#suricata</a> <a href="https://mastodon.social/tags/caturday" class="mention hashtag" rel="nofollow noopener" target="_blank">#caturday</a>

kaspaFinally got <a href="https://mastodon.originalsinners.org/tags/Snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#Snort</a> and <a href="https://mastodon.originalsinners.org/tags/Suricata" class="mention hashtag" rel="nofollow noopener" target="_blank">#Suricata</a> completely setup to monitor my traffic w/ a Discord Webhook for notifications. This is behind a managed switch w/ port mirror. I named my bot Agent Smith. Badass.I'd like something to really give me an overview of my network such as all devices and how much bandwidth is flowing through.Suggestions?<a href="https://mastodon.originalsinners.org/tags/sysadmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#sysadmin</a> <a href="https://mastodon.originalsinners.org/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a>

Marko JahnkeToday, I officially turned into an <a href="https://bonn.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> dinosaur. 25 years ago, I entered my first job in infosec as a scientific <a href="https://bonn.social/tags/researcher" class="mention hashtag" rel="nofollow noopener" target="_blank">#researcher</a> in a research establishment. A topic that accompanied me through the entire time was <a href="https://bonn.social/tags/NetworkSecurityMonitoring" class="mention hashtag" rel="nofollow noopener" target="_blank">#NetworkSecurityMonitoring</a>, beginning in the late 1990's with the Network Flight Recorder (<a href="https://bonn.social/tags/NFR" class="mention hashtag" rel="nofollow noopener" target="_blank">#NFR</a>) and early versions of <a href="https://bonn.social/tags/snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#snort</a> and <a href="https://bonn.social/tags/bro" class="mention hashtag" rel="nofollow noopener" target="_blank">#bro</a>.

Darren Nevares :vm:<a href="https://mastodon.social/@madeindex" class="u-url mention" rel="nofollow noopener" target="_blank">@madeindex</a> Any <a href="https://mas.to/tags/Nostr" class="mention hashtag" rel="nofollow noopener" target="_blank">#Nostr</a> client would usually work, but for web a lot of people use <a href="https://mas.to/tags/Snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#Snort</a> <a href="https://snort.social/" rel="nofollow noopener" translate="no" target="_blank">https://snort.social/</a>

SellaTheChemist<a href="https://fediscience.org/@helenczerski" class="u-url mention" rel="nofollow noopener" target="_blank">@helenczerski</a> <a href="https://mastodon.green/@SusiArnott" class="u-url mention" rel="nofollow noopener" target="_blank">@SusiArnott</a> The food industry's idea of "improving" food is typically something of an oxymoron. What they want is something that can be made more consistent and cheaper to make and assemble. Improving on buffalo (or a good cow's) mozzarella is the figment of someone's imagination. <a href="https://mastodon.social/tags/snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#snort</a>

SaraTypo that is an inadvertent useful coinage: Snortlisted. <a href="https://zirk.us/tags/typos" class="mention hashtag" rel="nofollow noopener" target="_blank">#typos</a> <a href="https://zirk.us/tags/sniglets" class="mention hashtag" rel="nofollow noopener" target="_blank">#sniglets</a> <a href="https://zirk.us/tags/snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#snort</a>

brett<a href="https://mastodon.social/@mmasnick" class="u-url mention" rel="nofollow noopener" target="_blank">@mmasnick</a> <a href="https://mastodon.nz/tags/Snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#Snort</a> <a href="https://mastodon.nz/tags/Raspberry" class="mention hashtag" rel="nofollow noopener" target="_blank">#Raspberry</a> <a href="https://mastodon.nz/tags/Whistle" class="mention hashtag" rel="nofollow noopener" target="_blank">#Whistle</a>

jnazario<a href="https://infosec.exchange/@ryanaraine" class="u-url mention" rel="nofollow noopener" target="_blank">@ryanaraine</a> recently talked history with <a href="https://mstdn.social/@mroesch" class="u-url mention" rel="nofollow noopener" target="_blank">@mroesch</a> on his security conversations podcast. marty talks about the creation of <a href="https://infosec.exchange/tags/snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#snort</a> , it's surprise and sudden growth to a popular open source tool, and basically creating the business model of selling atop an open source platform - turns out what enterprise buyers needed was distinct from what open source users needed, and so it didn't cannibalize the market. he also talks about the blocked checkpoint bid, going public, and the cisco acquisition. i ran snort back in the late 90s, stood up an instance at my grad school (which was popped) over the y2k timeframe. dealt with lots of noisy logs etc. even built my own front end to it (to learn database-backed webapp development). love this trip down memory lane. <a href="https://securityconversations.com/episode/down-memory-lane-with-snort-and-sourcefire-creator-marty-roesch/" rel="nofollow noopener" target="_blank">https://securityconversations.com/episode/down-memory-lane-with-snort-and-sourcefire-creator-marty-roesch/</a>

FOSSlifeIt's System Administrator Appreciation Day! Learn about the special gift for sysadmins from <a href="https://mastodon.fosslife.org/tags/ADMINmagazine" class="mention hashtag" rel="nofollow noopener" target="_blank">#ADMINmagazine</a> and <a href="https://mastodon.fosslife.org/tags/TuxCare" class="mention hashtag" rel="nofollow noopener" target="_blank">#TuxCare</a> <a href="https://www.fosslife.org/special-offer-celebrate-sysadmin-appreciation-day" rel="nofollow noopener" target="_blank">https://www.fosslife.org/special-offer-celebrate-sysadmin-appreciation-day</a> <a href="https://mastodon.fosslife.org/tags/SysAdminDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#SysAdminDay</a> <a href="https://mastodon.fosslife.org/tags/sysadminday2022" class="mention hashtag" rel="nofollow noopener" target="_blank">#sysadminday2022</a> <a href="https://mastodon.fosslife.org/tags/SystemAdministratorAppreciationDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#SystemAdministratorAppreciationDay</a> <a href="https://mastodon.fosslife.org/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://mastodon.fosslife.org/tags/SSH" class="mention hashtag" rel="nofollow noopener" target="_blank">#SSH</a> <a href="https://mastodon.fosslife.org/tags/tools" class="mention hashtag" rel="nofollow noopener" target="_blank">#tools</a> <a href="https://mastodon.fosslife.org/tags/snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#snort</a>

heise online (inoffiziell)Cisco hat einige Updates zu Sicherheitsprodukten angekündigt, darunter das Major Release 7.0 der Secure Firewall Threat Defense und die Integration von Snort 3. <a href="https://www.heise.de/news/Cisco-bringt-Security-Updates-6049957.html" rel="nofollow noopener" target="_blank">Cisco bringt Security-Updates</a>

Marko JahnkeThis is a very interesting German <a href="https://bonn.social/tags/ITSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#ITSec</a> <a href="https://bonn.social/tags/StartUp" class="mention hashtag" rel="nofollow noopener" target="_blank">#StartUp</a>:<a href="https://bonn.social/tags/Tenzir" class="mention hashtag" rel="nofollow noopener" target="_blank">#Tenzir</a>'s <a href="https://bonn.social/tags/VAST" class="mention hashtag" rel="nofollow noopener" target="_blank">#VAST</a> engine is an insanely fast matching and storage engine for security logs (e.g., JSONL) and raw packet capture data.Closely related to <a href="https://bonn.social/tags/Bro" class="mention hashtag" rel="nofollow noopener" target="_blank">#Bro</a>/#Zeek (that was originally developed at <a href="https://bonn.social/tags/ICSI" class="mention hashtag" rel="nofollow noopener" target="_blank">#ICSI</a> in berkeley, Calif.), it integrates with many <a href="https://bonn.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> security products, such as <a href="https://bonn.social/tags/Suricata" class="mention hashtag" rel="nofollow noopener" target="_blank">#Suricata</a>, <a href="https://bonn.social/tags/Snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#Snort</a>, <a href="https://bonn.social/tags/MISP" class="mention hashtag" rel="nofollow noopener" target="_blank">#MISP</a>, and AWS' open <a href="https://bonn.social/tags/Elastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#Elastic</a> ecosystem fork.<a href="https://tenzir.com/blog/open-security-analytics/" rel="nofollow noopener" target="_blank">https://tenzir.com/blog/open-security-analytics/</a>

heise online (inoffiziell)Nach vielen Jahren Entwicklung ist die neue Version 3 des IDS-Tools Snort als Final Release verfügbar und behebt viele schon oft diskutierte Mängel. <a href="https://www.heise.de/news/Snort-3-Mit-Multithreading-dem-Angreifer-auf-der-Spur-5032068.html" rel="nofollow noopener" target="_blank">Snort 3: Mit Multithreading dem Angreifer auf der Spur</a>

Comunidad LibreDetección de intrusos con Snort<a href="https://www.ochobitshacenunbyte.com/2020/09/29/deteccion-de-intrusos-con-snort/" rel="nofollow noopener" target="_blank">https://www.ochobitshacenunbyte.com/2020/09/29/deteccion-de-intrusos-con-snort/</a> <a href="https://mastodon.social/tags/snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#snort</a> <a href="https://mastodon.social/tags/ids" class="mention hashtag" rel="nofollow noopener" target="_blank">#ids</a> <a href="https://mastodon.social/tags/ips" class="mention hashtag" rel="nofollow noopener" target="_blank">#ips</a> #

F. Maury ⏚Excellent project: GoNIDS, a <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener" target="_blank">#Suricata</a> rule parser, linter, formatter and more!<a href="https://github.com/google/gonids" rel="nofollow noopener" target="_blank">https://github.com/google/gonids</a>Many thanks to its authors 💜<a href="https://infosec.exchange/tags/SuriCon2019" class="mention hashtag" rel="nofollow noopener" target="_blank">#SuriCon2019</a> <a href="https://infosec.exchange/tags/Snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#Snort</a> <a href="https://infosec.exchange/tags/NIDS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NIDS</a>

→ @Shamar@framapiaf.org<a href="https://floss.social/@downey" class="u-url mention" rel="nofollow noopener" target="_blank">@downey</a> <a href="https://mastodon.technology/@mediumchat" class="u-url mention" rel="nofollow noopener" target="_blank">@mediumchat</a> Not much experience actually.. just 20 years.I worked with several communities over these years, for a variety of contributions.The first I can remember was as a humble translator of <a href="https://mastodon.social/tags/php4" class="mention hashtag" rel="nofollow noopener" target="_blank">#PHP4</a> manual. I'm not sure if I was able to drive a car back then.I turned <a href="https://mastodon.social/tags/emacs" class="mention hashtag" rel="nofollow noopener" target="_blank">#Emacs</a> into the first editor supporting <a href="https://mastodon.social/tags/php5" class="mention hashtag" rel="nofollow noopener" target="_blank">#PHP5</a> with php-mode.elI contributed to <a href="https://mastodon.social/tags/snort" class="mention hashtag" rel="nofollow noopener" target="_blank">#Snort</a>.To <a href="https://mastodon.social/tags/dblinq" class="mention hashtag" rel="nofollow noopener" target="_blank">#DbLinq</a> and <a href="https://mastodon.social/tags/mono" class="mention hashtag" rel="nofollow noopener" target="_blank">#Mono</a>.Opened tons of detailed bug reports.Really I can't list then all.

Recent searches

Search options

Administered by:

Server stats:

#snort