This past week I presented my talk “Learning from Failure: Tales of Incident Response Gone Wrong” at the 2019 SpiceWorld Conference in Austin, Texas. If you’re looking for the slides then I’ve got good news! They’re posted right here.
I use a MiniX Neo headless mini PC as a jumpbox into my home network. For the last couple of years I had been running LogMeIn as the remote access client to connect back into the device, but with the recent pricing increase and lack of support for the iPad application, I decided it was time to switch to TeamViewer. I knew that having an agent running on the device at all times would cause a performance hit, but I didn’t realize just how bad that hit would be.
UPDATE: This vulnerability has been assigned the Common Vulnerabilities and Exposures (CVE) ID CVE-2018-7698 by MITRE.
I’ve been testing out a beta version of an IDS (Intrusion Detection Sensor) that we’re planning to release sometime soon specifically for small businesses, tech-savvy home users, and others. I currently have it running on my home network, and the alerts I’ve been seeing have really made me much more aware of the potential risks we encounter every day. For example, a game my wife plays on her mobile phone has been triggering spyware and malware alerts thanks to the ads that constantly pop up.
Having all of your devices on a single subnet is easy and convenient. You can access network resources simply by using their hostname, and everything just works. But that kind of configuration also makes it easy for attackers to break into your systems and steal all of your critical data since there’s very little stopping them from jumping from one system to another.
LibreNMS is a fantastic and FREE network monitoring tool that can be extremely useful. Whether you’re a home user who wants to monitor their small network or an enterprise user tracking connectivity between multiple datacenters, LibreNMS is a tool that can track all of the metrics you’d like and provide real-time intelligence to make sure everything is working perfectly.
But how exactly are you going to run this new tool? The good news is that if you’ve got about $60 and a few hours to tinker, you can get it up and running on a Raspberry Pi 3 B+.
This past weekend I presented a talk at BSides San Antonio titled “IDS Configuration for Beginners.” Here’s the abstract from the conference website:
Whether you’re securing your home network or a corporate campus, an Intrusion Detection Sensor (IDS) is a great tool to detect and identify threats on your network such as brute force attacks, malware infections, and active intrusions by malicious actors. In this talk we will discuss where to place your IDS for maximum effectiveness, briefly discuss some IDS solutions on the market, and walk through a basic IDS configuration live on stage.
I’ve been playing around with the Rackspace Cloud hosting offerings, and as of right now I’ve got this very blog running load-balanced on a set of servers. And while it’s a little more complicated than just setting up a single server, it really isn’t that hard. In fact, I’ll step you through the process.