06 September, 2007

The Purpose of This Blog

Here goes nothing.

I have been thinking of creating a blog for quite a while, primarily to store and share small tidbits of information I come across as I muddle my way through the world of information security. Most of what I do is on the operational side of the security house. As I experiment with and work in security, I often find myself wishing I could share some of the information and processes I have used.

Most of the information I am sharing is not unique. I anticipate that many of my posts will aggregate information from a number of sources to help me document what, why, and how I did something. Don't forgot the 'why', because that is important!

Two examples of posts I have planned:

  • Building and configuring a Snort IDS to run inline as a transparent bridge.
  • Pulling IP addresses from Bleeding Snort rules and then querying sancp (session data) for matches.
Neither of the planned posts will be groundbreaking, but the experiences were both practical and useful for me.

No comments:

Post a Comment