Hurricane Labs

Slow Down and Make Yourself Faster – Tips for the Terminal By: Aaron Croyle I spend most of my day typing arcane things into black windows with green text, as such I spend some time looking for ways to eliminate keystrokes. I’ve been using bash and vim for more that 10 years and I continue to learn more features that I can use on a daily basis. I’ll give you some tips at the end, but the moral of the story is learn how to make better use of your tools. How to Get Better 1) Anytime you’re typing the same thing more than once, ask yourself if there’s a better way to do it. If you don’t know, stop what you’re doing and ask Google. Maybe you should be using awk or sed to do some search and replace job. Maybe you can just do it in vim. If you’re in vim already, do you know how to work on more than one file at a time? 2) Anytime you want to do something you’ve done before ... (more)

Review of Certificate of Cloud Security Knowledge

By Bill Mathews Recently (well, last night) I had the opportunity to take the Certificate of Cloud Security Knowledge exam and just wanted to put out some of my thoughts while they were fresh in my head. I always like to take a random sampling of certifications. It’s fun to challenge myself (some are more challenging than others) and it gives me a good idea of what sorts of training and certificates I’d like my guys to have (if any). I’ve never been the biggest fan of some of the bigger ones out there, but we’ll save that for another post. The bulk of the CCSK covers the Cloud ... (more)

Beacon Podcast Episode 025

Hurricane Labs Beacon Podcast Episode Number: .025 – New Studio Edition Hosts: Matt Yonchak (@mattyonchak), Patrick Sayler (@psayler), Ian Gillespie, Tom Kopchak Amazon Studios - Create a television series - Amazon will fund and produce IT Security Basics - Matt isn’t buying it - People have been saying this for years - Matt and Tom debate Apple Legacy FileVault Hole - OSX 10.7.3 shipped with a debug flag - Passwords stored in plaintext in secure.log - Fixed in 10.7.4 Google vs Oracle - Google made their own Java clone for Android - Jury ruled Google infringed on copyrights - Google cal... (more)

New Splunk Nagios/Icinga Checks

A few months ago, we released a tool called check_splunk_license to the world (under the GPL at the time, but as of 4/19/2012, alternatively available under the MIT license). Since then, the check was adopted by Luke Harris for use in the Splunk for Nagios app for Splunk. We promised way back when that we’d add additional checking for the expiration of licenses, and now I’m here to tell you we’ve made good on that promise. But there’s more to the update than just expiration monitoring… The reason we originally released check_splunk_license, you may recall, was in direct response... (more)

IPS Updates, Splunk, Check Point and You

IPS Updates, Splunk, Check Point and You How I Learned to Stop Hating the Term “Zero-Day” but Not Really By: Bill Mathews Zero Day attacks – you know, the ones that almost EVERY signature in your IPS claim to protect you against? Yep those guys, nasty little things. Basically, if IPS vendors are to be believed, those are the things that don’t have a patch yet and have active exploits against them. You update your IPS signatures and BOOM protection from zero day! The problem we always run into, and this is with almost every IPS vendor so I’m not just picking on Check Point here, is... (more)