OSSEC rule to detect new run keys added to the registry

https://groups.google.com/forum/#!topic/ossec-list/xgkBnuyJ6ek Q: I’m wondering if anyone has created (or could help me) create an OSSEC rule to detect new additions to the “run” keys in the registry. The goal is to detect malware and fileless malware adding run keys to the registry. If anyone has started creating rules for fileless malware detection that would be great […]

Advanced DDoS Protection Service

https://www.cloudflare.com/ddos/ Denial-of-service (DoS) attacks are on the rise and have evolved into complex and overwhelming security challenges for organizations large and small. Although DoS attacks are not a recent phenomenon, the methods and resources available to conduct and mask such attacks have dramatically evolved to include distributed (DDoS) and, more recently, distributed reflector (DRDoS) attacks—attacks […]

Linux Performance

http://www.brendangregg.com/linuxperf.html
http://techblog.netflix.com/2014/12/introducing-atlas-netflixs-primary.html
http://techblog.netflix.com/2015/04/introducing-vector-netflixs-on-host.html
http://netflix.github.io/
https://github.com/Netflix/vector
http://techblog.netflix.com/2014/11/zerotodocker-easy-way-to-evaluate.html
Dtrace: http://crtags.blogspot.com/ http://stackoverflow.com/questions/14375364/dtrace-on-ubuntu-how-to
Systemtap: http://manpages.ubuntu.com/manpages/hardy/man1/stap.1.html
App Dev Monitor/debug: https://www.takipi.com/

How can I detect a DDoS attack using pfSense so I can tell my ISP who to block?

http://serverfault.com/questions/414085/how-can-i-detect-a-ddos-attack-using-pfsense-so-i-can-tell-my-isp-who-to-block Q: I am under DDoS. What can I do? : Last week my network was hit by a DDoS attack which completely saturated our 100 MBps link to the internet and pretty much shut down all the sites and services we host. I understand (from this experience as well as other answers) that I cannot handle a […]

How to Manage ‘Systemd’ Services and Units Using ‘Systemctl’ in Linux

http://www.tecmint.com/manage-services-using-systemd-and-systemctl-in-linux/ https://blog.sleeplessbeastie.eu/2015/04/27/how-to-manage-system-services-on-debian-jessie/ Systemctl is the systemd utility responsible for controlling the systemd system and service manager. Systemd is a collection of system management daemons, utilities and libraries that serves as a replacement for the System V init daemon. Systemd functions as a central management and configuration platform for UNIX-like systems. In the Linux ecosystem, systemd has been implemented on most of the standard Linux […]

Linux Kernel Security (SELinux vs AppArmor vs Grsecurity)

http://www.cyberciti.biz/tips/selinux-vs-apparmor-vs-grsecurity.html The Linux kernel is the central component of Linux operating systems. It is responsible for managing the system’s resources, the communication between hardware and software, and security. The kernel plays a critical role in supporting security at higher levels. Unfortunately, the stock kernel is not secured out of the box. There are some important Linux kernel patches to […]