Threat hunting with Yara: The red pill approach
Guest Post: Learn how to combine Yara with other tools to have full control over the condition validation process.
Tag: Guest Post
A first look at DNS over QUIC
Guest Post: Does DoQ outperform DoT and DoH? Results of the first study on DoQ response times.
How to properly interpret a traceroute or MTR
Guest Post: MTR is a useful tool for diagnosing packet loss.
DNSSEC algorithms for TLDs (and everyone else)
Guest Post: Has the time come to phase out 1,024-bit RSA from the DNSSEC ecosystem?
Threat hunting with Yara: Dealing with wildcard hexadecimal patterns
Guest Post: Learn how to use Yara’s native hexadecimal pattern definition features to create fast rules with fewer false positives and no alarming nested loops.
Identifying Autonomous Systems of state-owned Internet operators
Guest Post: Study notes 17% of the world’s IP addresses are originated by state-owned Autonomous Systems.
perfSONAR: Open, extensible, worldwide
Guest Post: perfSONAR is a worldwide network performance monitoring tool that continually collects, archives, and sets alerts for active measurement test results.
Threat hunting with Yara: Measuring distance between any three elements
Guest Post: Learn how to use Yara’s math module and min/max functions to measure distance between patterns.
The parallel lives of Autonomous Systems: ASN allocations vs BGP
Guest Post: First of its kind study shows relationship between ASN allocations and BGP announcements.
The multiple meanings of ’nameserver’ and ’DNS resolver’
Guest Post: There are two types of nameservers, and which one the term ‘nameserver’ refers to depends on the context.