Postfix email relay
OTRS Help Desk is an
open source application (with Enterprise support) that has a lot of useful features: ITSM, Surveys, Time Accounting and System monitoring.
I use it on my company as a Service Desk for
Security purposes (and more).
As you can read from our Success Story one of the feature we currently appreciate is the ability to track all the email exchanges into tickets simply putting ticket number in email Subject end CCing the proper configured email address. This allow us to interact with external parties without the need for other people to access our OTRS istance. Continue reading “Configure OTRS to process multiple Tickets in email Subject”
Lone Hacker in Wharehouse by Brian Klug
Security Onion is an Ubuntu based distribution created to handle a lot of Security task.
One of the security tool installed is
SNORT, the best open source Intrusion Detection System (IDS). Security Onion use Pulledpork to get IDS rules and process them.
I wrote a perl script to make advanced modification to the downloaded SNORT rules. This script can handle rule transformation based on regular expression and multiple substitution patterns.
Continue reading “SNORT rules Advanced Parser for pulledpork”
Network by Rosmarie Voegtli
[UPDATE Feb 24th 2018: tenable
disabled the API to execute remote scan since version 7 so keep in mind that if you use nessus>7 this won’t work]
Metasploit is my favorite tool while I do Pen Test and Secuirty Checks. I use also Nessus for Vulnerability Assessment and integrate Nessus and Metasploit is a must.
Follow a short guide on how to launch Nessus from Metasploit (for reference, I used NESSUS 6.5 and Metasploit PRO but also Community Edition should be ok).
Continue reading “Launching Nessus scans inside Metasploit”
Forward by Bruce Berrien
One of the problems I encountered in my job is to get syslog (udp/514) logs from a server that support only one syslog destination and resend these logs to two or more servers (log archiving, security appliance etc).
To do this I used
rsyslog and Ubuntu Server (14.04 LTS) acting like a syslog relay.
In this scenario the remote appliance sends the log to the Ubuntu Server (listening on port udp/514) and the server store&forward the logs to one or more server/device. Continue reading “Rsyslog – Store and Forward messages to other hosts”