If you've worked at all in the information or computer security industry, no doubt one or more of the following phrases, "defense in depth," "layered defense," or "onion layers," has come up.
Large high-tech companies like Google, Netflix, Twitter and Facebook have been open-sourcing some of their internal security tools. Most recently, Facebook released OSQuery. In this post I take a quick look at a few of the tools recently released by these organizations, as well as other smaller projects.
In this post I take a quick look at how to run Wireshark without being root.
Getting "promiscuous" access to a network interface on Linux requires root privileges. Running packet captures as root is dangerous. Ubuntu even has tcpdump covered when using AppArmor. Why? Because malicious traffic could break tcpdump or Wireshark or whatever is listening on the interface, and the sender could then potentially have remote access as the same user running the dump, which is root.