Re: Prism continued

2013-06-12 Thread goemon
cellphones with cameras are probably better for the purposes of covert mass surveillance, especially ones with front facing cameras. far more of them out there, and wireless to boot. surprised everyone gets their panties in a bunch over presumed games console monitoring, what about all your iph

Re: Prism continued

2013-06-12 Thread Eugen Leitl
On Wed, Jun 12, 2013 at 06:35:35PM -0700, Jonathan Lassoff wrote: > In the PRISM context, I highly doubt they're using Splunk for any kind > of analysis beyond systems and network management. It's not good at > indexing non-texty-things. > What if you need to search for events that were geographical

Re: Prism continued

2013-06-12 Thread Charles Wyble
Also check out kibana.org for a rather splunk like experience. Chip Marshall wrote: >On 2013-06-12, Phil Fagan sent: >> Speaking of Splunk; is that really the tool of choice? > >I've been hearing a lot of good things about logstash these days >too, if you prefer the open source route. > >http:/

Re: Prism continued

2013-06-12 Thread Charles Wyble
Decent frontend... hmm... grep --color Monies please! Phil Fagan wrote: >And a basic front-end and you're in business!! >On Jun 12, 2013 6:15 PM, "Scott Weeks" wrote: > >> >> >> --- eyeronic.des...@gmail.com wrote: >> From: Mike Hale >> >> >> Splunk >> >> It would make sense. It's a friggin'

Re: Prism continued

2013-06-12 Thread Jonathan Lassoff
Logstash and Splunk are both wonderful, in my experience. What sets them apart from just a plain grep(1) is that they build an index that points keywords to logging events (lines). What if you're looking for events related to a specific interface or LSP? Not a problem with a modest log volume,
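The distinction Jonathan draws above (an inverted index from keywords to log events versus a linear grep over every line) is easy to show in miniature. The following is an added example, not code from anyone in this thread or from Logstash/Splunk; the syslog lines are constructed for illustration and the tokenizer is a deliberately simple one that keeps interface names like ge-0/0/1 and LSP names like to-pop2 as single tokens.

```python
"""Keyword (inverted) index over syslog lines, next to the grep(1) equivalent.

Added example for the thread above; the log lines below are constructed,
not real router output.
"""
import re
from collections import defaultdict

# Constructed sample router syslog (Junos-style messages, invented content).
SAMPLE_LOG = """\
Jun 12 18:01:02 rtr1 rpd[1234]: RPD_MPLS_LSP_DOWN: MPLS LSP to-pop2 down on primary path
Jun 12 18:01:03 rtr1 mib2d[456]: SNMP_TRAP_LINK_DOWN: ifIndex 530, ifAdminStatus up(1), ifOperStatus down(2), ifName ge-0/0/1
Jun 12 18:01:05 rtr1 sshd[789]: Accepted publickey for noc from 192.0.2.10 port 51022 ssh2
Jun 12 18:01:09 rtr1 rpd[1234]: RPD_MPLS_LSP_UP: MPLS LSP to-pop2 up on secondary path
Jun 12 18:02:11 rtr1 mib2d[456]: SNMP_TRAP_LINK_UP: ifIndex 530, ifAdminStatus up(1), ifOperStatus up(1), ifName ge-0/0/1
Jun 12 18:03:00 rtr1 sshd[789]: Failed password for invalid user admin from 198.51.100.7 port 40022 ssh2
"""

# Token characters: letters, digits, and the punctuation that appears inside
# interface names (ge-0/0/1), LSP names (to-pop2) and IP addresses.
TOKEN_RE = re.compile(r"[A-Za-z0-9_./-]+")


def tokenize(line):
    """Lowercased set of tokens in one log line."""
    return {t.lower() for t in TOKEN_RE.findall(line)}


def build_index(text):
    """Return (lines, index): index maps each token to sorted line numbers."""
    lines = text.splitlines()
    postings = defaultdict(set)
    for n, line in enumerate(lines):
        for tok in tokenize(line):
            postings[tok].add(n)
    return lines, {tok: sorted(ns) for tok, ns in postings.items()}


def search(lines, index, *terms):
    """AND-search: events containing every term.

    Work is proportional to the size of the posting lists touched, not to
    the whole log, which is what makes this scale past a modest log volume.
    """
    if not terms:
        return []
    hits = set(index.get(terms[0].lower(), ()))
    for term in terms[1:]:
        hits &= set(index.get(term.lower(), ()))
    return [lines[n] for n in sorted(hits)]


def grep(lines, pattern):
    """The grep(1) equivalent: a regex applied to every line, every time."""
    rx = re.compile(pattern)
    return [line for line in lines if rx.search(line)]


if __name__ == "__main__":
    lines, index = build_index(SAMPLE_LOG)
    for hit in search(lines, index, "lsp", "to-pop2"):
        print(hit)
```

Both approaches return the same lines for a single keyword; the difference shows up when you combine terms (interface and state, LSP and "down") over a large archive, where the index answers from a few posting lists and grep rescans the whole file.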

Re: Prism continued

2013-06-12 Thread Paul Ferguson
On Wed, Jun 12, 2013 at 6:30 PM, wrote: > > Ask the ex-CEO of Qwest what happens if you try to turn down an > offer the NSA makes you. :) +1 - ferg -- "Fergie", a.k.a. Paul Ferguson fergdawgster(at)gmail.com

Re: Prism continued

2013-06-12 Thread Valdis Kletnieks
On Thu, 13 Jun 2013 00:46:27 +0100, Bacon Zombie said: > There is no way they could have paid for all the Splunk licencing costs > which the budget quoted before That's assuming they paid full list price. Ask the ex-CEO of Qwest what happens if you try to turn down an offer the NSA makes you. :

Re: Prism continued

2013-06-12 Thread Chip Marshall
On 2013-06-12, Phil Fagan sent: > Speaking of Splunk; is that really the tool of choice? I've been hearing a lot of good things about logstash these days too, if you prefer the open source route. http://logstash.net/ -- Chip Marshall http://2bithacker.net/ pgpSopEO5YDs6.pgp Description: PGP

Re: Prism continued

2013-06-12 Thread Scott Weeks
On Jun 12, 2013, at 9:01 PM, "Scott Weeks" wrote: > --- do...@dougbarton.us wrote: > From: Doug Barton > > On 06/12/2013 05:13 PM, Scott Weeks wrote: >> "cat /var/log/router.log | egrep -v 'term1|term2|term3' | less" > > Prototypical "useless use of cat" :) >

Re: Prism continued

2013-06-12 Thread Scott Weeks
--- do...@dougbarton.us wrote: From: Doug Barton On 06/12/2013 05:13 PM, Scott Weeks wrote: > "cat /var/log/router.log | egrep -v 'term1|term2|term3' | less" Prototypical "useless use of cat" :) - What would you use and what's wrong with co

Re: Prism continued

2013-06-12 Thread Doug Barton
On 06/12/2013 05:13 PM, Scott Weeks wrote: "cat /var/log/router.log | egrep -v 'term1|term2|term3' | less" Prototypical "useless use of cat" :)

Re: Prism continued

2013-06-12 Thread Phil Fagan
And a basic front-end and you're in business!! On Jun 12, 2013 6:15 PM, "Scott Weeks" wrote: > > > --- eyeronic.des...@gmail.com wrote: > From: Mike Hale > > >> Splunk > > It would make sense. It's a friggin' sick syslog analyzer. Expensive > as hell, but awesome. > -

Re: Prism continued

2013-06-12 Thread Scott Weeks
--- eyeronic.des...@gmail.com wrote: From: Mike Hale >> Splunk It would make sense. It's a friggin' sick syslog analyzer. Expensive as hell, but awesome. -- So is "tail -f /var/log/router.log | egrep -v 'term1|term2|term3'" or "cat /var/l

Re: Prism continued

2013-06-12 Thread Jeff Kell
On 6/12/2013 7:59 PM, Mike Hale wrote: > It would make sense. It's a friggin' sick syslog analyzer. Expensive > as hell, but awesome. Compare it to most any other SIEM (ArcSight?) and it's a bargain. But still, yeah. Jeff

Re: Prism continued

2013-06-12 Thread Mike Hale
It would make sense. It's a friggin' sick syslog analyzer. Expensive as hell, but awesome. On Wed, Jun 12, 2013 at 4:55 PM, Phil Fagan wrote: > Speaking of Splunk; is that really the tool of choice? > > > On Wed, Jun 12, 2013 at 5:46 PM, Bacon Zombie wrote: > >> There is no way they could have p

Re: Prism continued

2013-06-12 Thread Phil Fagan
Speaking of Splunk; is that really the tool of choice? On Wed, Jun 12, 2013 at 5:46 PM, Bacon Zombie wrote: > There is no way they could have paid for all the Splunk licencing costs > which the budget quoted before > > On 9 June 2013 18:42, Daniel Rohan wrote: > > Anyone else notice that the

Re: Prism continued

2013-06-12 Thread Bacon Zombie
There is no way they could have paid for all the Splunk licencing costs which the budget quoted before On 9 June 2013 18:42, Daniel Rohan wrote: > Anyone else notice that the Boundless Informant GUI looks suspiciously like > the Splunk GUI? > > And according to the article, it sounds like it do

Re: Prism continued

2013-06-12 Thread John Lightfoot
Let's see: Requires "always-on" internet connection Only available with Kinect Includes infrared sensor Manufactured by Microsoft, the first company to sign up for Prism When can I get my Xbox One?? http://www.nbcnews.com/technology/new-kinect-can-track-you-so-well-you-may-not-6C10287970 O

Re: chargen is the new DDoS tool?

2013-06-12 Thread John Kristoff
On Tue, 11 Jun 2013 19:52:02 -0400 "Ricky Beam" wrote: > All of the above plus very poorly managed network / network > security. (sadly a Given(tm) for anything ending dot-e-d-u.) That broad sweeping characterization, without any evidence, can be as casually dismissed without evidence. However,

Re: How ISPs in ARIN region create automatic prefix-filters?

2013-06-12 Thread Joe Abley
On 2013-06-12, at 13:38, Martin T wrote: > as I understand, ARIN whois database does not contain "route" objects, > which are used for example in RIPE region for automatic BGP prefix > filter generation. whois.arin.net:43 is for assignment/allocation information. Does not use RPSL. rr.arin.net

How ISPs in ARIN region create automatic prefix-filters?

2013-06-12 Thread Martin T
Hi, as I understand, ARIN whois database does not contain "route" objects, which are used for example in RIPE region for automatic BGP prefix filter generation. How does this work in ARIN region? I know that at least some ISPs operating in ARIN region use their own whois databases (for example rr.
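Martin's question above and Joe Abley's reply (rr.arin.net, not whois.arin.net, is where the RPSL route objects live) both turn on the same mechanism: pull the route/route6 objects with a given origin AS out of an IRR and turn them into a prefix list. The following is an added example, not code from either poster or from any ISP's tooling; the RPSL text is constructed in the style of an IRR dump with RFC 5737/3849 documentation prefixes and private ASNs, the trusted-source set and prefix-length limits are assumptions a real operator would set per peer, and the output format is IOS-style "ip prefix-list" lines chosen for illustration.

```python
"""Build a per-origin-AS prefix list from RPSL route/route6 objects.

Added example for the ARIN prefix-filter thread; the RPSL_DUMP below is
constructed test data, not real registry content.
"""
import ipaddress

# Constructed IRR-style dump: documentation prefixes, private ASNs.
RPSL_DUMP = """\
route:          192.0.2.0/24
descr:          Example customer block
origin:         AS64496
mnt-by:         MAINT-EXAMPLE
source:         EXAMPLE

route:          198.51.100.0/24
origin:         AS64497
source:         EXAMPLE

route6:         2001:db8::/32
origin:         AS64496
source:         EXAMPLE

route:          203.0.113.0/24
origin:         AS64496
source:         OTHER

route:          192.0.2.128/25
origin:         AS64496
source:         EXAMPLE

route:          10.0.0.0/8
origin:         AS64496
source:         EXAMPLE
"""

# Minimal never-accept list (RFC 1918 + IPv6 ULA). A production filter would
# use a fuller bogon list; this is an assumption kept short for the example.
NEVER_ACCEPT = [ipaddress.ip_network(p) for p in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]


def parse_objects(text):
    """Split RPSL text into a list of {attribute: value} dicts.

    Objects are separated by blank lines; continuation lines (leading
    whitespace or '+') are ignored, which is enough for route objects.
    """
    objects, current = [], {}
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line:
            if current:
                objects.append(current)
                current = {}
            continue
        if line[0].isspace() or line.startswith("+"):
            continue
        key, _, value = line.partition(":")
        current.setdefault(key.strip(), value.strip())
    if current:
        objects.append(current)
    return objects


def is_never_accept(net):
    return any(net.version == b.version and net.subnet_of(b) for b in NEVER_ACCEPT)


def routes_for_origin(objects, asn, sources=None, max_len=(24, 48)):
    """Networks registered with origin `asn`, after sanity filters.

    Drops objects from untrusted IRR sources, prefixes more specific than
    max_len (v4, v6), and RFC 1918/ULA space a peer should never announce.
    """
    keep = set()
    for obj in objects:
        key = "route" if "route" in obj else "route6" if "route6" in obj else None
        if key is None or obj.get("origin", "").upper() != asn.upper():
            continue
        if sources and obj.get("source") not in sources:
            continue
        net = ipaddress.ip_network(obj[key], strict=False)
        limit = max_len[0] if net.version == 4 else max_len[1]
        if net.prefixlen > limit or is_never_accept(net):
            continue
        keep.add(net)
    return sorted(keep, key=lambda n: (n.version, n))


def prefix_list(nets, name):
    """Render networks as IOS-style prefix-list statements (illustrative format)."""
    return [f"{'ip' if n.version == 4 else 'ipv6'} prefix-list {name} permit {n}"
            for n in nets]


if __name__ == "__main__":
    objs = parse_objects(RPSL_DUMP)
    for line in prefix_list(routes_for_origin(objs, "AS64496", {"EXAMPLE"}), "AS64496-IN"):
        print(line)
```

The source filter matters in practice: anyone can register a route object in some IRRs, so a filter generator that trusts every source will happily permit whatever a third party registered under your peer's ASN.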

Re: chargen is the new DDoS tool?

2013-06-12 Thread shawn wilson
Getting back to the topic. I just saw quite a few of our hosts scanned for this by 192.111.155.106 which doesn't say much on its own as http://dacentec.com/ is a hosting company. On Tue, Jun 11, 2013 at 11:27 PM, Ricky Beam wrote: > On Tue, 11 Jun 2013 22:52:52 -0400, Jimmy Hess wrote: >> >> Who

Re: chargen is the new DDoS tool?

2013-06-12 Thread shawn wilson
On Wed, Jun 12, 2013 at 7:14 AM, Aaron Glenn wrote: > On Wed, Jun 12, 2013 at 11:17 AM, shawn wilson wrote: >> >> >> Banks and insurance companies supposedly have some interesting actuarial >> data on this. >> > > Do you know of any publicly available sources? > I don't. There's a US entity that

Re: chargen is the new DDoS tool?

2013-06-12 Thread Nick B
I thought the modern measure was hours and dollars wasted... Err I mean spent. Nick On Jun 12, 2013 5:21 AM, "Joel M Snyder" wrote: > > >> Do you have any actual evidence that a .edu of (say) 2K employees > >> is statistically *measurably* less secure than a .com of 2K employees? > > >We're sorta

Re: chargen is the new DDoS tool?

2013-06-12 Thread Aaron Glenn
On Wed, Jun 12, 2013 at 11:17 AM, shawn wilson wrote: > > > Banks and insurance companies supposedly have some interesting actuarial > data on this. > Do you know of any publicly available sources? thanks, aaron

Re: chargen is the new DDoS tool?

2013-06-12 Thread Rich Kulawiec
I'm going to bypass the academic vs. non-academic security argument because I've worked everywhere, and from a security viewpoint, there is plenty of fail to go around. On Tue, Jun 11, 2013 at 09:37:04PM -0400, Ricky Beam wrote: > I run a default deny > policy... if nothing asked for it, it doesn'

Re: chargen is the new DDoS tool?

2013-06-12 Thread Jimmy Hess
On 6/12/13, Joel M Snyder wrote: > >But seriously, how do you measure one's security? > In ounces, unless it's a European university, in which case you use > liters. Older systems of measuring security involving mass (pounds and > kilos) have been deprecated, and you should not be using them any

Re: chargen is the new DDoS tool?

2013-06-12 Thread Joel M Snyder
>> Do you have any actual evidence that a .edu of (say) 2K employees >> is statistically *measurably* less secure than a .com of 2K employees? >We're sorta lookin' at one now. >But seriously, how do you measure one's security? In ounces, unless it's a European university, in which case you use

Re: chargen is the new DDoS tool?

2013-06-12 Thread shawn wilson
On Wed, Jun 12, 2013 at 4:51 AM, Jimmy Hess wrote: > On 6/12/13, shawn wilson wrote: >>> The scope is constantly changing. >> Not really. The old tricks are the best tricks. And when a default install > By best, you must mean effective against the greatest number of targets. > By best, I mean e

Re: chargen is the new DDoS tool?

2013-06-12 Thread Jimmy Hess
On 6/12/13, shawn wilson wrote: > This is basically untrue. I can deal with a good rant as long as there's > some value in it. As it is (I'm sorta sorry) I picked this apart. > On Jun 12, 2013 12:04 AM, "Ricky Beam" wrote: >> On Tue, 11 Jun 2013 22:55:12 -0400, wrote: >>>>>

Re: chargen is the new DDoS tool?

2013-06-12 Thread shawn wilson
This is basically untrue. I can deal with a good rant as long as there's some value in it. As it is (I'm sorta sorry) I picked this apart. On Jun 12, 2013 12:04 AM, "Ricky Beam" wrote: > > On Tue, 11 Jun 2013 22:55:12 -0400, wrote: >> > > But seriously, how do you measure one's security? Banks