A restless mind, a new feature, and a concerning news story had me worried about privacy over Christmas. Here’s how I installed Pi-hole on my home network to try to block requests from my Samsung Smart TV – and what the data it collected revealed…
When investigating a potentially compromised Windows computer, as well as looking at logs, files, and processes, it’s important to check its current network connections. Here’s how to retrieve that data with netstat and make sense of it.
The bulk of cyber security incidents are fairly simple, but sometimes you end up working with a whole network of hosts that are connected to each other in different ways. With this scenario in mind, I recently set out to explore the possibility of creating a Python script to automatically generate a simple network diagram to visualise things more clearly.
A while ago I wrote a post about using Python to parse tcpdump output for domains and URLs. Recently, I started to wonder if I could take that a step further. What if the DNS requests I saw could be checked against a blacklist in real time? And what if the output was presented in a more useful format? Here’s how I got these new features working.
It’s almost a year to the day that I left my journalism job and started at the SANS Cyber Retraining Academy, and I’ve written a lot of blog posts about how much I enjoyed the experience and how valuable and life-changing it was. But now I’ve been in the industry for a few months, I thought it would be interesting to explore what it didn’t prepare me for.