Last talk - Eirik Øverby 'FreeBSD and the absurdities of security compliance' very interesting talk and entertaining but check out the video for some workable advice afterwards. He mentions kernel audit logging and file integrity monitoring with bsdmaudit, auditd, etc. ie see based on a module of a project I am involved with for FIM idea medium.com/@hannahsuarez/respo but there are various documentation out there also.

At was a demonstration of Immersion Cooling for HPC, hyperscalers and datacenters. Using a liquid type of substance (pictured, but you cannot tell) to cool hardware as a replacement for fans. Feels like oil.

Interesting thinking about the operational challenges to use liquid for cooling in data centres etc.

submer.com/

BSidesVienna CFP deadline: November 4 2019 for November 30 2019 conference. See bsidesvienna.at/

Just a note, the post that I wrote is about Syslog messaging formats and the differences in formats (there are various use cases as to why, but is too long here, usually in cases like sending to SIEM).

There is Syslog as an actual messaging format (ie Syslog BSD, Syslog IETF) and protocol (see en.wikipedia.org/wiki/Syslog to read more and as a starting point) . And then there are company published Syslog implementations and various other utilies based on the protocol (ie Syslog-ng, Rsyslog).

Time to transfer github.com/nsacyber/Event-Forw from tables into config files (YML and Apache style) complete with actual QueryXML paths.

I was also going through JPCERT's findings of lateral movements (infosec.exchange/@superruserr/) and found that there seems to be little overlap between EventIDs to monitor guide written by NSA and the lateral movements by JPCERT. This makes sense because the NSA guide is more threat hunting and JPCert is more about detection/alerting of early lateral movements.

@mwlucas Will I be able to buy your books at ? Interested in Sudo Mastery

ie EventID: 104

システムログファイルがクリアされました

Just updated to include this interactive and searchable Github resources that JPCERT published:
jpcertcc.github.io/ToolAnalysi

Looks like the Event Source path etc are updated too.

Converting Windows EventLog to Syslog nxlog.co/eventlog-to-syslog

Learn all about the different formats - BSD, IETF, Snare as well as the Syslog extensions (LEEF, CEF, JSON over Syslog)

de, IT-sicherheit 

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.