Onion Layers vs Soft Chewy Center

If you've worked at all in the information or computer security industry, no doubt one or more of the following phrases, "defense in depth," "layered defense," or "onion layers," has come up.

Read More

Linkdrop #8

md5 collisions save latin.

Read More

Ten New Open Source Security Tools

Large hi-tech companies like Google, Netflix, Twitter and Facebook have been open sourcing some of their internal security tools. Most recently Facebook released OSQuery. In this post I take a quick look at a few of the recently released tools by these organizations as well as other smaller projects

Read More

Run Wireshark without Root on Ubuntu

In this post I take a quick look at how to run Wireshark without being root.

Getting "promiscuous" access to a network interface on Linux requires root privileges. Running packet captures as root are dangerous. Ubuntu even has tcpdump covered when using apparmor. Why? Because malicious traffic could break tcpdump or wireshark or whatever is listening on the interface and then potentially have remote access as the same use running the dump...which is root.

Read More

Linkdrop #7

OpenBSD all the things!

Read More