Pricing Discover content Blog About Sign in

SANS Internet Storm Center, InfoCON: green - RSS Feed

2k subscribers
11 articles/week

Latest articles

ISC Stormcast For Thursday, February 2nd, 2023 https://isc.sans.edu/podcastdetail.html?id=8352, (Thu, Feb 2nd)

10h

Rotating Packet Captures with pfSense, (Wed, Feb 1st)

Having a new pfSense firewall in place gives some opportunities to do a bit more with the device. Maintaining some full packet captures was an item on my "to do" list. The last 24 hours is usually sufficient for me since I'm usually looking at alerts within the same day. I decided to do rotating packet captures based on file size. This allows me to...

12h

Detecting (Malicious) OneNote Files, (Wed, Feb 1st)

We are starting to see malicious OneNote documents (cfr. Xavier's diary entry "A First Malicious OneNote Document").

1d

ISC Stormcast For Wednesday, February 1st, 2023 https://isc.sans.edu/podcastdetail.html?id=8350, (Wed, Feb 1st)

1d

Packet Tuesday: Large ICMP Errors https://www.youtube.com/watch?v=z9jk8Bbf4_o , (Tue, Jan 31st)

---

1d

DShield Honeypot Setup with pfSense, (Tue, Jan 31st)

Setting up a DShield honeypot is well guided by the installation script [1]. After several minutes of following the instructions and adding some custom details, the honeypot is up and running. What's needed after that is to expose the honeypot to the internet. I recently decided to update my home router and thought it was a great opportunity to dig...

1d

ISC Stormcast For Tuesday, January 31st, 2023 https://isc.sans.edu/podcastdetail.html?id=8348, (Tue, Jan 31st)

2d

Decoding DNS over HTTP(s) Requests, (Mon, Jan 30th)

I have written before about scans for DNS over HTTP(s) (DoH) servers. DoH is now widely supported in different browsers and recursive resolvers. It has been an important piece in the puzzle to evade various censorship regimes, in particular, the "Big Chinese Firewall". Malware has at times used DoH, but often uses its own HTTP(s) based resolvers that...

2d

ISC Stormcast For Monday, January 30th, 2023 https://isc.sans.edu/podcastdetail.html?id=8346, (Mon, Jan 30th)

3d

ISC Stormcast For Friday, January 27th, 2023 https://isc.sans.edu/podcastdetail.html?id=8344, (Fri, Jan 27th)

6d

Discover, share and read the best on the web

Follow RSS Feeds, Blogs, Podcasts, Twitter searches, Facebook pages, even Email Newsletters! Get unfiltered news feeds or filter them to your liking.

Get Inoreader
Inoreader - Follow RSS Feeds, Blogs, Podcasts, Twitter searches, Facebook pages, even Email Newsletters!

With Inoreader, content comes to you, the minute it's available. Follow RSS Feeds, Blogs, Podcasts, Twitter searches, Facebook pages, even Email Newsletters!

Blog Pricing Discover content About Inoreader Brand portal Contact us
Terms of Service Privacy Policy Knowledge base Developers Status
Inoreader Android App on Google Play Inoreader iOS App at the Play Store
© 2023 Innologica Ltd

35 Akademik Boris Stefanov str., 1700 Sofia, Bulgaria | EU VAT BG202279697