Category Archives: Monitoring
Automated filtering with Snorby and Suricata
Posted by paul
on 14/03/2014
For a long time I’ve been running Suricata on a few Internet-facing boxes, just to see what unauthorized access to these boxes is attempted. It brings a great deal of new information; however, there are limits to what people should be allowed …
Suricata, snorby and tarpit on Apache2
Posted by paul
on 08/04/2013
A few months ago I realized I need more than just a secure connection. What are “they” attempting on the outside of my Internet connection, and do I take sufficient measures to counteract it? So instead of just checking the logfiles …
Nagios: master/slave(s) or master(s)?
Posted by paul
on 06/01/2013
When monitoring systems, as in automagically checking that all business processes and systems are OK, I used to use a Master/Slave setup. This was built with plain Nagios installs and an SSH tunnel over the Internet. And then the responsibility grows. Another …