MineMeld is an “extensible Threat Intelligence processing framework and the ‘multi-tool’ of threat indicator feeds. Based on an extremely flexible engine, MineMeld can be used to collect, aggregate and filter indicators from a variety of sources and make them available for consumption to peers or to the Palo Alto Networks security platforms.”
It was recently open-sourced by Palo Alto and can be found on Github.
In this post I will briefly go through the steps needed to configure your SNMP monitoring tool to get active user statistics from your Ruckus ZoneDirector. You can then use this data to map against another metric like bandwidth utilisation or anything else you might find useful in your environment.
In my set-up I have a Ruckus ZoneDirector 3000. I used PRTG as the SNMP monitoring software but any will do.
Continue reading Ruckus SNMP Active Users and Bandwidth Utilisation
In this blog I will go through the steps necessary to set-up an automatic reverse SSH tunnel between a client machine sitting in a restricted environment and a server that you control in your home/office/cloud. The reverse SSH tunnel will be encapsulated within a SSL tunnel over port 443 to evade network security appliances/firewalls.
Continue reading Reverse SSH Tunnelling over SSL with the Raspberry Pi
In this brief post I will relay my finding of a security vulnerability with the Palo Alto update servers. This post refers to the security advisory PAN-SA-2016-0010.
Continue reading Palo Alto Networks – Update Server API Exposure
This is a follow up from my other blog post – as I have found another issue with the best practices provided by Palo Alto, I thought I’d consolidate them in a single post.
Continue reading Take Care When Applying Palo Alto Best Practices
Here is a quick and dirty PowerShell script that you can use to generate pseudo-random passwords using dictionary words, numbers and special characters.
This kind of script is good for environments such as schools and universities where mass-enrolment is quite common before the start of the academic year.
You can incorporate the function in your own script or come up with something new.
Credit goes to setgetgo.com for making the random word generator API available for public use.
The code is available on my GitHub page and is a good place to check for the latest iteration of code as well as some examples. Below is the code as of 14/06/2016
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
<# .SYNOPSIS Generate a random password .DESCRIPTION Uses the setgetgo.com random word API to generate random words. A random number and special character is then appended .PARAMETER numberOfPasswords Number of passwords to generate. Default is 1. .PARAMETER wordLength Word length. Default is 8. .PARAMETER allowedSpecialCharacters Special characters that are allowed to be appended to the password. Default is ! * and ? If defining your own, use the format: Generate-Password -allowedSpecialCharacters "!","?",",","/" .PARAMETER maximumNumber Default number to append to word will be between 0 and 999. .EXAMPLE PS C:\> Generate-Password This will generate a random 8 character word, append a number between 0 and 999 and finally append a special character. .NOTES Additional information about the function. #> function Generate-Password { [CmdletBinding()] [OutputType([string])] param ( [Parameter(Mandatory = $false)] [int]$numberOfPasswords = 1, [Parameter(Mandatory = $false)] [int]$wordLength = 8, [Parameter(Mandatory = $false)] $allowedSpecialCharacters = @('!', '*', '?'), [Parameter(Mandatory = $false)] [int]$maximumNumber = 999 ) for ($i = 1; $i -le $numberOfPasswords; $i++) { $randomWord = Invoke-WebRequest -URI http://randomword.setgetgo.com/get.php?len=$wordLength $randomNumber = Get-Random -Maximum $maximumNumber $randomSpecialCharacter = $allowedSpecialCharacters | Get-Random Write-Output "$($randomWord.content)$randomNumber$randomSpecialCharacter" } } |
If you find yourself using the Office 365 (Exchange Online) e-mail quarantine often then you probably know how frustrating and slow it can be to quickly find and release quarantined items. Often times you’ll find yourself waiting for a few minutes only to realise it’s not doing anything. Then you have to refresh the page and re-enter your search criteria. The fact you can’t even wildcard searches is also unforgivable (it’s 2016 Microsoft, why can we not wildcard search the subject and sender fields?!)
This annoyance coupled with my eagerness to play with PowerShell led me to develop a quick and dirty quarantine tool or viewer if you like. The tool is quite basic but it will let you do the following:
If you want to have a play with the tool, it’s on my GitHub along with the source code if you feel like suggesting some improvements.