InfoSec Blog

This is the second part of the installation of the operating system for a Splunk deployment. the first portion of the installation got us through the longest part of the installation. We have our partitions in place and are ready to move on to the next steps and finish the installation.

For the purpose of this blog series I am going to go through installing the operating system for Splunk. The operating system that I have chosen in Suse Enterprise 10. My goal in this blog series is to provide a step by step installation guide and configuration guide. While you will not be either a Splunk expert or a Linux expert after reading this series you will be able to forward, maintain, and take care of the logs within your environment. I chose to use Suse for the installation for two reasons. First I wanted the smallest footprint from the operating system as I could achieve so Linux was the obvious choice. Second, and more specifically, I chose Suse because of my familiarity with the OS and the ability to use Yast for installing additional packages if needed. this could be tweaked for other Linux installations. Installing the operating system. I didn't take the time to add fluff or colorful commentary to this installation guide. It is for those out there that want a straightforward, get it done, guide.

The PCI Data Security Standard (DSS) has just undergone a refresh. The PCI Security Standards Council released version 1.2 of the DSS on October 1, 2008. The new version must be used by all organizations who begin a new PCI assessment after October 1st. If your organization is currently undergoing an assessment you have until December 31, 2008 to complete it using the previous 1.1 version of the standard. So what changed between 1.1 and 1.2? The following list highlights the major changes in the new standard.

In this article you will learn how to identify and remediate one of the most common DNS vulnerabilities.

How many times has your email inbox been flooded with unsolicited email messages? How many times do you have to say that you do not want Viagra, nor interested in any sort of pharmaceutical drugs offered on these messages? Do you catch yourself sometimes thinking how good it would be if you could get rid of all that spam?

This article is going to cover the first phase of an assessment: information gathering and reconnaissance. I have put together a list of the top 10 most useful utilities and websites I use on a daily basis for security related assessments.