InfoTech Howtos

It is easy to find step-by-step HowTo articles for IT tasks, from basic OS installation to advanced application integration. It is difficult, however, to find articles that not only provide the steps but also explain why a certain setting is required, or how specific parts of an application or process work.

These HowTos are written to provide the normal instructions, while also explaining some of the technical background behind the processes involved, and linking to further information for details. Please feel free to read through these and to make suggestions or ask questions, or to suggest new articles which may be needed.






Monitoring for NDP Spoofing

I have previously posted a blog post describing how to monitor for ARP Spoofing. With IPv6 on everyone’s mind today (It IS on your mind, right?), it would seem that it is a good time to talk about a similar concern for IPv6 networks. IPv6 networks do not support multicast, but they DO have a comparable protocol. Unfortunately, it is also subject to the same exploits using similar techniques. Like ARP, however, there are tools available to assist in monitoring and detecting NDP spoofing attempts. ... more


Monitoring for ARP Spoofing

Of the many ways that a network can be infiltrated, one of the most difficult to detect and manage is ARP spoofing. This is because ARP does not take security into account in its design. Fortunately, there are tools available to assist in monitoring for and detecting ARP spoofing attempts. Obviously, the first step in addressing a security incident is knowing that there IS an incident, so let’s look at how we can proactively watch for these incidents on our network. Unde... more


Configuring Syslog Service

System logs are a critical part of system and network maintenance. They are, in fact, one of the key components for managing just about ANY system-related incident. Unfortunately, these logs are completely inaccessible or untrustworthy if a system reaches an unbootable state, suffers a catastrophic disk failure, or is compromised by an attacker. For these scenarios, and for general ease of maintenance, one of the best moves that you can make toward converting a group of machines into a manageable n... more


VIM - Context Sensitivity

VIM is one of the kings of the editing world. Built for speed and for flexibility, it is a critical tool for *nix admins. The one thing it lacks for many people, though, is context sensitivity. This is easy enough to fix. Simply create a new document in your home directory named .vimrc (please note the leading period, denoting “hidden”), and add the line “syntax on” to set sensitivity. The first few lines of my .vimrc file are listed below for reference. If you are looking for more info ... more


