In modern network infrastructures, there are many sources of data that can be of interest to collect and analyze in order to see whether suspicious activity is present in the network. More often than not, this data is collected and sent to a Security Information and Event Management (SIEM) tool running on the network, where it can be processed and reviewed by domain specialists.
cyrange is a Cyber Range platform built on top of VirtualBox. It brings some additional features to support education and training:
Managing big networks can be quite complicated: many inbound and outbound requests, network traffic, email correspondence and other activities need to be monitored. It is quite easy for an attacker to obfuscate his actions when we are confronted with large amounts of network data to analyze. Luckily, there are ways to aggregate all this data and store it so that it can be reviewed and, hopefully, any abnormal activity discovered. Of course, I am talking about the use of a Security Information and Event Management (SIEM) framework. One such framework that has gained a lot of popularity, because of its modularity and open-source nature, is the ElasticSearch/Logstash/Kibana framework.
Still today, some network monitoring tools and security systems rely on the MAC address of the host. However, a MAC address is not an authentication mechanism! It can be easily changed. More precisely, by default most operating systems will use the MAC address burnt into the network interface as the source MAC address for all emitted Ethernet frames. But you can easily reconfigure your system to change this behavior. Here is how to do that on a Linux computer.
Have you ever wanted to ensure your users use email addresses they actually possess? Here is a quick way to achieve it. This tutorial assumes that you already have:
We are organizing a new training session on git, GitLab and Continuous Integration (CI) for Python developers.
As I mentioned in the previous blog posts on the subject of the GHOSTS framework, I often use virtual machines to set up and run my tests. In the case of GHOSTS, I have the main GHOSTS server API running on a Linux VM with docker and docker-compose, and the GHOSTS client is running on a Windows 10 virtual machine. If you are interested in reading about it, you can find the previous blogs at the following links:
The easiest way to test that a web application is working correctly is to use a browser and manually go through the pages. If one wants to automate the testing process, there are conceptually two possible approaches: 1) using raw HTTP requests to simulate a browser or 2) using some library and code to drive an actual browser.
Docker-compose is an elegant way to run a Laravel app. It allows you to define and run the different services: the main web app, a MySQL database and a redis server. There are however a few tricks to solve: how to run the database migrations, how to run the queue worker and the scheduler?
The ongoing COVID-19 crisis is being discussed a lot on social media platforms. Researchers and social media platforms alike make use of the online conversation to increase their situational awareness about the continuously evolving situation. At the same time, foreign powers or special interest groups have also been observed piggybacking on the large-scale discussion to spread fake news and/or misinformation.
cyrange is a Cyber Range platform built on top of VirtualBox. Like some other tools, it has a web interface that allows you to deploy and manage virtual machines.
When developing a Laravel application, it's quite common to run the development (and test) version with a SQLite database, and the production version with a MySQL database. Normally, the migrations will take care of creating the correct database schema. However, there are a few caveats.