
The NSA’s Tailored Access Operations Hurt Americans… and It Has Nothing To Do With Privacy

¡Rant Warning! Let’s get this out of the way. First, I am not a privacy advocate. I’d like to believe in such a thing, but the reality (and we all know it) is that privacy is dead. My background is in security, which is really the underlying topic here when we talk about the NSA and their Tailored Access Operations, or “TAO”. I’d also like to state for the record that I am usually very reserved when it comes to voicing my opinion about the government, because in all honesty… I’ve never worked for the NSA or any other three-letter agency. Call me naïve… but I’d like to believe that the motive behind these operations is truly in the best interest of my country even though I disagree with the tactics. Like many of you, last night I watched President Obama deliver the State of the Union. This year (and we were all prepared for it) he mentioned (and I use “mentioned” explicitly) that he is working on cyber policy in lieu of the ever-growing number of cyber attacks that are affecting American businesses and that are putting Americans at risk. He also mentioned that he has worked with privacy…


Setup OSSIM With Linux and Windows OSSEC Agents

This is a very basic tutorial on how to install both Linux-based and Windows-based OSSEC agents and have those agents communicate with OSSIM. This DOES NOT include active response. I will discuss active response and walk you through the OSSEC configuration with active response in a later video. Please be gentle… this is my first video tutorial. If you have any suggestions on how I can improve my tutorials, please send them my way. Any help would be much appreciated. [Looking for a good tool for screen recording.]

The following information is to be supplemented with the video:

1. Connect to your OSSIM box and “Jailbreak this Appliance” to get a shell.

2. Add agents (/var/ossec/bin/manage_agents)

3. Connect to your Linux (CentOS) box and add the necessary repositories (epel, remi, atomic)

    wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
    wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
    rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm
    wget -q -O - http://www.atomicorp.com/installers/atomic | sh

4. Install the OSSEC Agent

    yum install ossec-hids-client

5. Configure OSSEC agent (/var/ossec/bin/ossec-configure)

6. Add the server IP to the conf file (/var/ossec/etc/ossec.conf)

7. Import the agent key. [Extract the key from OSSIM] [Import the key into the agent]

8. Start OSSEC (/var/ossec/bin)

    ./ossec-control start

9. On your windows box,…


Welcome to my personal blog…

Thanks for checking out my blog. Just sharing personal experiences in the realm of information security and ethical hacking, some of my published work, and some convoluted infosec ranting. Note: The use of ellipses… yes… those. I use them a lot. – James
