So, I’ve had some quick, consecutive blog posts around this R package I’m working on, and this one is more of an answer to my own, self-identified question of “so what?”. As I was working on an importer for AlienVault’s IP reputation database, I thought it might be interesting to visualize aspects of that data… Continue reading
Post Category → Information Security
Extended (Simple) ASN Graph Visualization Example [R to D3]
The small igraph visualization in the previous post shows the basics of what you can do with the BulkOrigin & BulkPeer functions, and I thought a larger example with some basic D3 tossed in might be even more useful. Assuming you have the previous functions in your environment, the following builds a larger graph structure… Continue reading
Once More Into The [PRC Aggregated] Breaches
If you’re not on the SecurityMetrics.org mailing list, you missed an interaction about the Privacy Rights Clearinghouse Chronology of Data Breaches data source started by Lance Spitzner (@lspitzner). You’ll need to subscribe to the list to see the thread, but one innocent question put me down the path to taking a look at the aggregated data… Continue reading
SHODAN API in R (With Examples)
Folks may debate the merits of the SHODAN tool, but in my opinion it’s a valuable resource, especially if used for “good”. What is SHODAN? I think ThreatPost summed it up nicely: “Shodan is a Web based search engine that discovers Internet facing computers, including desktops, servers and routers. The engine, created by programmer John… Continue reading
The ‘fing’ Corollary
Back in 2011, @joshcorman posited “HD Moore’s Law” which is basically: “Casual Attacker power grows at the rate of Metasploit.” I am officially submitting the ‘fing’ corollary to said law: “Fundamental defender efficacy can be ascertained within 10 ‘fings’.” The tool ‘fing’ (http://overlooksoft.com/fing) is a very lightweight-yet-wicked-functional network & services scanner that runs… Continue reading
Extracting OSE Firewall Alert Data From IMAP (Gmail) Mail To CSV With Python
I played around with OSE Firewall for WordPress for a couple days to see if it was worth switching to from the plugin I was previously using. It’s definitely not as full featured and I didn’t see any WP database extensions where it kept a log I could review/analyze, so I whipped up a little… Continue reading
Putting Cybercrime [Infographics] Behind Bars
HP & the Ponemon Institute have released their third annual “Cost of Cybercrime” report and the web wizards at HP have given us an infographic from it: (You can see the full size one at the above link) While some designers may think that infographic visualizations are not subject to the same scrutiny as “real”… Continue reading
DIY ZeroAccess Analysis Lesson #1 : Treat GeoIP Results Lightly
UPDATE: While the cautionary advice still (IMO) holds true, it turns out that, once I actually looked at the lat/lng pair being returned for the anomaly presented below, the weird results come from horrible precision resolution from the initial IP address → lat/lng conversion (which isn’t the fault of @fslabs, but of the service… Continue reading