Recent Posts

Zeekurity Zen – Part VI: Zeek File Analysis Framework

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we’ve: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install AF_PACKET and other useful packages. Configured Zeek 

Zeekurity Zen – Part V: Zeek Intelligence Framework

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we’ve: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install AF_PACKET and other useful packages. Configured Zeek 

Attacking The BlueKeep

R-C-E, It’s Easy as R-D-P On May 14, 2019, Microsoft published a security advisory regarding a critical remote code execution (RCE) vulnerability (CVE-2019-0708) affecting Remote Desktop Services (RDP) on older versions of Windows including XP, Vista, 7 and Server 2003/2008. Windows 8 and 10 are 

Palo Alto Firewall: GlobalProtect VPN How-To Guide

This is part of the Palo Posts how-to guides for getting the most from your Palo Alto firewall on a home or small business network. Overview So you’ve got your Palo Alto firewall successfully protecting your home network, blocking known malicious sites, and allowing system 

Palo Posts: How-To Guides For Palo Alto Firewalls

Palo Alto manufactures industry-leading firewall hardware, combining a number of traditional security point solutions into one single platform. The following is a collection of how-to guides to help you get the most from your Palo Alto firewall on a home or small business network. Palo 

Zeekurity Zen – Part IV: Threat Hunting With Zeek

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we’ve: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install AF_PACKET and other useful packages. Configured Zeek 

The Fal.Con Has Landed

California Dreamin’ In early November 2019, I found myself in sunny California for CrowdStrike’s third annual Fal.Con UNITE conference at the Sheraton San Diego Hotel & Marina. As a big fan of the CrowdStrike platform, I was excited that CrowdStrike invited me to hear about 

Zeekurity Zen – Part II: Zeek Package Manager

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we’ve: Set up Zeek to monitor some network traffic. Now we’ll introduce the Zeek Package Manager to extend Zeek’s functionality with packages