Architectures RISC or x86?

I have been working with a large retailer of late who is a heavy user of Sun & Solaris. As you can imagine, this is perfectly normal, and in fact, considered best practice for what they are doing. That said though, in an area such as retail, with low margins and profits based on sheer quantity, surely a leap of faith into the “dark side” or as we prefer to call it, Linux, would be a better option?

Linux Defence Tweaks

If you're planning on using Linux in a hostile environment (i.e. the Internet!), then it's worth thinking about some simple little tweaks to the TCP/IP stack in conjunction with some funky firewall madness to keep your box your own, and not end up “owned” too quickly!

Let's start with the TCP/IP stack. There are a number of quick, easy wins here that can help defend against attacks by making the default behaviours of the stack more in line with what we would like:

Snort Rocks!

OK, it's been ages since I actually had Snort up and running, so long in fact that the last time I used it, ACID was still the best way to deal with the alerts! Well, after a couple of days (well, a couple of hours here and there at least) I have a fully functional set of Snort sensors in place on public and private segments of my networks, all feeding to a centralised database with “BASE” handling the analysis! Woohoo. Small victories are the best!