Tagged: intelligence

More on the NSA’s Capabilities 0

More on the NSA’s Capabilities

Ross Anderson summarizes a meeting in Princeton where Edward Snowden was “present.” Third, the leaks give us a clear view of an intelligence analyst’s workflow. She will mainly look in Xkeyscore which is the Google of 5eyes comint; it’s a federated system hoovering up masses of stuff not just from 5eyes own assets but from other countries where the NSA cooperates or pays for access. Data are “ingested” into a vast rolling buffer; an analyst can run a federated search, using a selector (such as an IP address) or fingerprint (something that can be matched against the traffic)

Repurposing Logs, (Tue, Mar 24th) 0

Repurposing Logs, (Tue, Mar 24th)

Keeping an eye on your logs is critical (really, its number 14 on the SANS critical list of controls: https://www.sans.org/critical-security-controls/control/14 .) Earlier Rob VandenBrink shared some techniques to find nuggets hiding in your logs ( https://isc.sans.edu/forums/diary/Syslog+Skeet+Shooting+Targetting+Real+Problems+in+Event+Logs/19449/ .) Today Im going to share some tricks to squeeze every last bit out of your logs through repurposing logs. I mean repurposing log files, not this: https://www.pinterest.com/dawnreneedavis/repurposed-logs/ . Logs are given their original purpose when programs determine when and how theyre going to record a log entry.