If you like it, please Subscribe NewsLetter for updates.
View my complete profile
Please Visit my another back up sites:
Please email me at:
jon(dot)netsec (at) gmail (dot) com
Thanks.
About Site
-
Gartner Magic Quadrant for Web Application Firewalls (2018,2017,2016)
A web application firewall (WAF) is an application firewall for HTTP applications. It applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. While proxies generally protect clients, WAFs protect servers. A WAF is deployed to protect a specific web application or set of web applications. A…
Read more -
Install T-Pot into Google Cloud Platform VM Instance
T-Pot is a honeypot platform built on Ubuntu with Dock technology. Latest version is 17.10 and OS is Ubuntu 16.04. The minimum system requirement is at least 2GB RAM and 40GB disk space. There are some other posts online to show how to install T-Pot into cloud virtual machine instance. Unfortunately, I failed so many times and got a error…
Read more -
Create a MySQL Computer Engine VM Instance Using Ubuntu in Google Cloud
1. Create Ubuntu VM Instance
Read more -
Cisco Web Security Appliance S190 – Web GUI
Cisco® Web Security Appliance (WSA) offers malware protection, application visibility and control, acceptable use policy controls, insightful reporting and secure mobility to enterprise network. The Cisco WSA is a forward proxy that can be deployed in either Explicit mode (proxy automatic configuration [PAC] files, Web Proxy Auto-Discovery [WPAD], browser settings) or Transparent mode (Web Cache Communication Protocol [WCCP], Policy-Based Routing [PBR], load…
Read more -
Sysinternals Tool – Sysmon Usage Tips and Tricks
Microsoft Sysinternals tool Sysmon is a service and device driver, that once installed on a system, logs indicators that can greatly help track malicious activity in addition to help with general troubleshooting. Basic Sysmon Usage commands: Installation: sysmon -i -accepteula [options] Extracts binaries into %systemroot% Registers event log manifest Enables default configuration Note: Once this command runs, the Sysmon service is installed,…
Read more -
How to Find Out Windows Process Sending Traffic, Especially ICMP Packets
There are a number of different ways to find out which process is sending tcp / udp traffic in computer systems, but not much for icmp traffic. Here is a summary for the ways to do it. 1. Install a local firewall You could always try installing a firewall that blocks outgoing traffic or use the Windows Firewall. When the…
Read more -
Windows Command Line Remote Troubleshooting Tools
Here are some scripts and methods to do remote troubleshooting or running some commands in remote machines. I found they are very useful especially in a enterprise environment if you have your domain admin account. Prerequisites to run remote commands Install .NET Framework 4.5.2 from \\shareserver\it\$Install\Scripting prerequisites\NDP452-KB2901907-x86-x64-AllOS-ENU.exe or from https://www.microsoft.com/en-ca/download/details.aspx?id=42642 Install Windows Management Framework 5.1: copy the folder \\shareserver\it\$Install\Scripting prerequisite\Windows Management…
Read more -
ArcSight SIEM Logger
ArcSight Logger is one of products from Micro Focus SIEM platform. It streams real-time data and categorizes them into specific logs and easily integrates with Security Operations. As a result, organizations of any size can use this high performance log data repository to aid in faster forensic analysis of IT operations, application development, and cyber security issues, and to simultaneously…
Read more
Comments are closed.