Posts in 2023
-
iptables to nftables
23.04.2023 in Engineering
TL;DR I made a simple bash script to help automate this:
#!/bin/bash
# Check if the script is being run as root
if [ "$EUID" -ne 0 ]
then
  echo "Please run this script as root"
  exit 1
fi
# Save current iptables rules to current …
Posts in 2021
-
TAP vs. SPAN
31.12.2021 in Engineering
TAP vs. SPAN Which is better, a TAP or a SPAN port? It depends! Unfortunately, there’s no easy TL;DR for this one. In a perfect world, we’d have both implemented, each covering different use cases. You are capturing network traffic, or …
Posts in 2020
-
Index on Ingest
23.08.2020 in Engineering
Index Time To set the frame for this, let’s use two common databases used in Security: Elasticsearch and Splunk. Within any database, the data you ingest will need to be indexed so you can search across that data. Depending on your end goal, …