How I set up my own Autonomous System
Guest Post: What does it take to set up your own AS and keep it running?
Tag: How to
Wireshark’s little known Snort post-dissector
Guest Post: Did you know you can use Wireshark to find which specific packet triggered a Snort rule within a few seconds?
Running Docker / Alpine Linux in an IPv6-only environment
Guest Post: By default, the Docker server configures container networks for IPv4-only. Learn how to run it in IPv6.
How to: Installing an RPKI validator
[Updated] Step-by-step instructions to install RPKI validators required to validate ROAs.
How to: Detect and prevent common data exfiltration attacks
Guest Post: Mitigate for APT threats with these best practices for detecting and preventing data exfiltration attacks.
Threat hunting with Yara: The red pill approach
Guest Post: Learn how to combine Yara with other tools to have full control over the condition validation process.
How to properly interpret a traceroute or MTR
Guest Post: MTR is a useful tool for diagnosing packet loss.
Threat hunting with Yara: Dealing with wildcard hexadecimal patterns
Guest Post: Learn how to use Yara’s native hexadecimal pattern definition features to create fast rules with fewer false positives and no alarming nested loops.
Threat hunting with Yara: Measuring distance between any three elements
Guest Post: Learn how to use Yara’s math module and min/max functions to measure distance between patterns.
Threat hunting with Yara: The three body problem
Guest Post: Get to know how to use Yara with real-life research problems — detecting code evolution and shellcodes.