Details

Written by Jon Moore

Published: 04 March 2015

In this article I am examining the /var/log/auth.log file for any indication of what/what/when my server may have been compromised.

Details

Written by Jon Moore

Published: 10 February 2015

At this point I have managed to get the old HDD mounted and working on my test server and I got all the data off. Now I need to reformat the drive to ensure nothing is left, and get just my data back on so I can use it for my dedicated internal server, and once again have access to my data. Here's how I went about doing so.

Details

Written by Jon Moore

Published: 18 February 2015

Recently I had opportunity to work on a security problem. One firewall cluster member had failed and needed to be rebuilt. While typically not an issue, an additional challenge was that the software in use was so old, it was no longer available. In the end, it was absolutely necessary to use this old software as an entire environment was built with it. Eventually we were able to find a copy of the software and major disaster was averted, but it made me wonder if maybe, just maybe, are we doing them a DISservice by providing it?

This software has documented vulnerabilities, and because it is so old and no longer supported, these vulnerabilities will NOT be patched or fixed.

Details

Written by Jon Moore

Published: 03 February 2015

Now that I have finally managed to get my old HDD mounted, it is time to actually start getting my data off, keeping what I want for analysis, formatting the drive, and getting just my data back on.

What's worth keeping? What isn't needed? I tried looking into a few things, but there was very little to really go on. So how do I gather the files I need for analysis, while being able to otherwise keep my data, and reformat the drive?