Security analysts constantly need to move files around; be it logs, ISO’s or VM’s, in Windows this is pretty easy. But how about in Linux? There are many way’s do move files between Linux machines and today we will discuss one of the most popular. SCP offers speed and versatility when it comes to moving files and allows analysts to seamlessly transfer files to and from a remote machine. Let’s see if we can get it done in two minutes!Continue reading “SCP for Securely transferring files between Linux hosts”
Use a SSH tunnel to hide your true IP address
It is important to hide your true IP address when performing open source research or an investigation so no one is the wiser, but how can you do this? The simple solution is to setup a SSH tunnel and tunnel your traffic through the non attributable system you built. The non attributable VPS is an important tool in any security analysts kit and in this example we will use it for a jump point so we can hide our true location.Continue reading “Use a SSH tunnel to hide your true IP address”
Vi, The Basics of Editing Text on the Command Line Without Pulling Your Hair Out.
Security Analyst’s spend a lot of time on the command line in Linux so it makes sense to have a utility for editing text available. Vi and it’s improved cousin VIM fit the bill nicely; however most folks are intimidated by all of the hot keys and modes. Text editing with Vi is really easy and quick once you learn the basics, and that is today’s topic.Continue reading “Vi, The Basics of Editing Text on the Command Line Without Pulling Your Hair Out.”
Installing NSA’s Ghidra reverse engineering tool on CentOS 7 in 10 minutes.
Today’s topic is how to install NSA Ghidra reverse engineering tool on CentOS 7 in 10 minutes. Reverse engineering of malware normally requires software that is priced out of the reach of folks that are trying to get into forensics or incident response; not anymore! NSA released the Ghidra reverse engineering tool at no cost for the end user. This is great news for people wanting to join the ranks of security analysts.Continue reading “Installing NSA’s Ghidra reverse engineering tool on CentOS 7 in 10 minutes.”
How to secure a fresh Linux virtual private server install
A Linux virtual private server (VPS) is an essential tool for any cyber security analyst, but left unsecured it can quickly be taken over by those with more nefarious intentions. Lets make sure that does not happen. This blog and accompanying video covers a few basic “must do” tasks to configure a secure Linux virtual private server at first boot. Why do we need to secure a new system? Within seconds of it coming online it will be found and attacked. If you want to test this you can leave this system as installed for 24 hours and then check the logs, there will be brute force attempts on ssh at a minimum. You may want to re-deploy the VPS before going any further if you performed this test.Continue reading “How to secure a fresh Linux virtual private server install”