How Distributed Denial of Service (DDoS) Attacks Work

Posted by Craig Jorgensen on Dec 16, 2020 8:00:00 AM


You might have read several of our other network security blogs covering topics that people in  the cybersecurity field need to know. Now is an excellent time to talk about Distributed Denial of Service (DDoS).

Read More

Topics: Distributed Denial of Service, DDoS

Network Scanning Basics

Posted by Srot Sinha on Dec 9, 2020 8:00:00 AM

In our journey to be security practitioners, we must understand basic network-based techniques from both attackers and defender perspectives. Continuing on that track, let’s talk more about network scanning and its tools and techniques today. 

Read More

Topics: Nmap, Network Scanning

Hands-on with OpenSSL

Posted by Dhiraj Sharan on Dec 2, 2020 8:00:00 AM


Today’s most widely used security toolkit is OpenSSL, not only due to its licensing terms (including a commercial use with no restrictions whatsoever) but due to its rich plethora of facilities and building blocks we can use to build any sophisticated cryptosystem.

It is also a rich learning tool, and despite its serious nature, we can use it to understand several basic questions like how internet banking works or how cryptocurrencies function. You can also learn fingerprinting and blockchain logic using the Linux command line and OpenSSL utility.

Read More

Topics: openssl, cryptosystem

DNS and Email Security

Posted by Eric Parker on Nov 18, 2020 8:00:00 AM


DNS is a widely used phonebook system on the Internet. It is used simply to query the IP address associated with a humanly readable and memorizable name. But it is a lot more than that as this article explains. If you have not yet read our previous article do so here: DNS and its Security Implications. In this blog we will talk about DNS from an Email Security perspective.

Read More

Topics: DNS, email, email security

Statistical Computing: Tips and Tricks for Using R

Posted by Ashwin Jain on Nov 11, 2020 8:00:00 AM

*Don't have R installed yet? Read my previous article to learn how: Statistical Computing: Installing R and RStudio

Read More

Topics: Rstudio, R Language, Statistical Computing

How to Monitor Endpoints Live with Osquery

Posted by Dhiraj Sharan on Nov 4, 2020 8:00:00 AM

Picture this - you are coming from a database background and getting into the world of IT monitoring or administration. While you are newly warming up to the Linux command line, you have to deal with Windows and Mac machines in your network. Add to that a bunch of Linux servers in your company’s data center.

As a systems administrator, how can you monitor each system’s health, disk space, and metrics? Unfortunately, learning the tools for each OS can be a drag. Many cloud companies offer their dashboard, and those can be helpful, but what about the physical machines in your network? How do you monitor them?

You will need some kind of instrumentation to monitor and take action based on the situation. With big data and high-speed networks and plenty of video-rich accesses, even the terabyte disks can fill up quickly, and you need to take stock of disk overruns, memory, CPU, and network usage. Or in the cybersecurity world, you need to monitor any suspicious activity on your company’s systems.

Read More

Topics: cybersecurity, Linux, OSQuery, SQL

Statistical Computing: Installing R and RStudio

Posted by Ashwin Jain on Oct 28, 2020 8:00:00 AM

“Statistical computing is the interface between

Read More

Topics: Rstudio, R Language, Statistical Computing

URL scanning for new age security measures

Posted by Eric Parker on Oct 21, 2020 8:00:00 AM

It’s the URL, stupid (me)!

Consider a scenario. You are in a miserable situation where you accidentally clicked on some phishing link or scam URL. A long time ago, when the web was safe, and viruses, trojans, and worms were transmitted only by EXE or BIN files, we could rest assured that the virus scanner protected us.

Now, the web is the purveyor of all things good and evil. Smartphones have become the norm rather than the exception. The individual security measures (windows, IOS, etc.) are only as useful as there latest update, and maintaining the amount of tech we each possess up to date is difficult. But the most common denominator is the URL centric web. All devices have Internet access and thus are vulnerable to the latest threats.

Think of the email before spam abuse. There used to be open relays everywhere, and anyone could send emails using a 10 line shell script using SMTP command verbs. Today that is impossible since email abuse has turned people away from everyday email. Even when you need to use email for work, most of one's inbox is someone trying to sell you something or market something. Every piece of traffic that humans originated on the Internet has a URL, so let's look at new-age security measures to help protect you.

Read More

Topics: Cyber Security, Network Scanning, Network Security, url scanning

Using Elasticsearch as the Back-end For Fast Prototyping

Posted by Niraj Markandey on Oct 14, 2020 8:00:00 AM

In the last article, Understanding the Elastic Stack, I broke down the various Elastic components (check it out for a quick refresher). Now we will use the REST API provided by Elasticsearch as the back-end for a simple project. But before, let us discuss why we want to use Elasticsearch REST API as back-end.

The functionality of the back-end:

Read More

Topics: Cyber Security, Elastic, elasticsearch, prototyping

How to Get Started With Tcpdump

Posted by Craig Jorgensen on Oct 7, 2020 8:00:00 AM


We have all have heard of network analyzers or packet sniffers, Wireshark with its command-line counterpart Tshark, or tcpdump.

This article explores how Linux's command-line power, combined with the tcpdump lexical parser's filter expressions, can be used for some complex networking debugging. If you are bored at home in these COVID times, how about extracting the video of a video conference capture? (On a serious note, only do this for your video with the participants' permission.)

Read More

Topics: Cyber Security, cybersecurity, Network Security, tcpdump