Made with Hugo, Hosted on S3 and served up via CloudFront

Blog

Here are the most recent blog posts. Use the menu above to see all entries.

Book Review: Defensive Security Handbook

By Adrian on May 31, 2020

Recently I purchased a few infosec books, one of them being the Defensive Security Handbook written by Lee Brotherston & Amanda Berlin. While this book was written back in April 2017, the information contained within is still very relevant today and will give the reader a sound footing when it comes to what you need to have as a secure baseline in your environment. There are 21 chapters that can be read from cover to cover, or each in isolation.

Continue reading

Thehive4 RC1 to RC2 Upgrade

By Adrian on May 16, 2020

With my Java issue sorted out now, here are the steps to upgrade TheHive from RC1 to RC2. This is a dirty upgrade, but since TheHive is still in Release Candidate status, we can get away with upgrading like this. Ordinarily you should ensure that you have your system backed up in case there are breaking changes. Stop TheHive service sudo service thehive stop Update apt repositories and upgrade May as well apply all the security updates while I am at it.

Continue reading

TheHive 4.0.0-RC2: Last error: Connection refused

By Adrian on May 12, 2020

I was so excited at the thought of all the cool new features that have popped up in TheHive v4.0.0-RC2 that I went straight onto my lab to give it a spin. Little did I know that my system was broken before I even started and I spent the best part of a few hours trying to figure out what exactly happened. For a brief moment I did consider burning the lab down and just rebuilding it, but I asked myself what would happen if this were a prod system?

Continue reading

TheHive in Docker

By Adrian on May 7, 2020

Docker is something that i’ve not fully embraced to date, I know, I know… I’m a little late off the mark, but as I get to know Docker more, I can see that it has some worthwhile advantages for me in some of the projects I use and generally getting to know technology is never a bad thing. For instance, why spin up a single server for a service that only has 1 of the 65535 ports used when 99% of the time that server will most likely be idle.

Continue reading