Archive for July, 2010

Splunk + OSSEC



I have just started working with splunk a little bit and one of the things I have tried is to hook it up to OSSEC. This, like most things these days, has proven to be interesting to say the least. Actually, it’s a very simple process, however, the documentation is abysmal at best and I spent hours poring through different websites until I found the correct potion to get things actually working the way they are supposed to. I am documenting it here for future reference. I am currently running OSSEC v2.4.x and Splunk v4.1.4:

On splunk:

Install ossec module into splunk

splunk->manager->data inputs->udp->new
udp port – 10002
set host – ip
source type – manual
source type – ossec
save

Make sure the UDP 10002 input is enabled

On OSSEC:

vim /var/ossec/etc/ossec.conf
add, under global config:
<syslog_output>
  <server>172.25.3.3</server>
  <port>10002</port>
</syslog_output>

/var/ossec/bin/ossec-control enable client-syslog

service ossec restart

You should now start getting ossec alerts to splunk…!
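
An added example, not part of the original post: a small Python check that the <syslog_output> block in ossec.conf points at the same IP and UDP port as the Splunk data input, plus a test datagram to confirm the input is listening. The sample config is constructed, the function names and the selftest marker are hypothetical, and the fallback to port 514 is an assumption.

```python
import socket
import xml.etree.ElementTree as ET

# Constructed sample: the post's <syslog_output> block inside a minimal ossec.conf.
SAMPLE_CONF = """
<ossec_config>
  <global>
    <email_notification>no</email_notification>
  </global>
  <syslog_output>
    <server>172.25.3.3</server>
    <port>10002</port>
  </syslog_output>
</ossec_config>
"""

def syslog_outputs(conf_text):
    """Return [(server, port)] for every <syslog_output> block in ossec.conf text."""
    # ossec.conf may hold several <ossec_config> roots, so wrap it in a single one.
    root = ET.fromstring("<wrapper>" + conf_text + "</wrapper>")
    found = []
    for block in root.iter("syslog_output"):
        server = (block.findtext("server") or "").strip()
        port_text = (block.findtext("port") or "").strip()
        # Assumption: OSSEC falls back to the standard syslog port 514 when <port> is absent.
        found.append((server, int(port_text) if port_text else 514))
    return found

def check_forwarding(conf_text, splunk_ip, splunk_udp_port):
    """List the problems that would keep alerts from reaching the Splunk UDP input."""
    outputs = syslog_outputs(conf_text)
    if not outputs:
        return ["no <syslog_output> block in ossec.conf"]
    if (splunk_ip, splunk_udp_port) in outputs:
        return []
    return [f"syslog_output points at {s}:{p}, not {splunk_ip}:{splunk_udp_port}"
            for s, p in outputs]

def send_test_datagram(server, port, marker="ossec-splunk-selftest"):
    """Send one syslog-style UDP line to the input; search Splunk for the marker after."""
    # <132> = facility local0, severity warning; the message text is a hypothetical marker.
    payload = f"<132>ossec: {marker}".encode()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        return sock.sendto(payload, (server, port))

if __name__ == "__main__":
    print(check_forwarding(SAMPLE_CONF, "172.25.3.3", 10002) or "config matches the Splunk input")
```

If the test datagram shows up in a Splunk search but OSSEC alerts do not, the problem is on the OSSEC side (client-syslog not enabled, or no alert generated yet) rather than in the Splunk input.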

Linux User Needs Help



Got an email through the FreeLinuxBox.Org site today:

Hello,

My name is ***** and I am a computer science major at the University Of Georgia. I have been a linux fan for about two years now and I am in need of a computer. I really don’t have enough money right now to buy a computer. I am willing to pay shipping costs. Thanks for considering me.

Thanks

Obviously this kid is slightly confused on how the site works, but his email is not wasted on me. I understand that he is in need of a machine, a Linux box. He’s even willing to pay shipping. Can’t SOMEONE help this kid out? I am betting there are lots more like him too. Please take a couple minutes to inventory your stash of old computers you know you will never use and put them up on the site for donation to someone needy!

Head on over to http://freelinuxbox.org and click the “Login/Manage/New Entry” link on the top right of the webpage. Create a new account on there if you do not already have one (do not enter a password for a new account – it’ll be emailed to you). Post your free linux box and go about the rest of your day happy in the knowledge that you are doing a good deed for a fellow human and linux user. :)

Who was that masked man?



I was reading some news and came upon this news article about how Blizzard is going to reveal people’s real names on its WOW forums. I am not even sure how this caught my attention as I am not really a gamer, and have never played WOW, but the underlying topic of anonymity is one I have had on my “things to write about” list for quite a while. It may as well be now :)

Apparently, the reason they are going to release people’s real names is for security and to *help* people be nicer. You see, sometimes this online anonymity breeds supermen who talk like they are 10 feet tall, bulletproof and know everything. You know the kind, trolls. Supplying your real life name helps people be a bit more cautious about what they say and do online. It makes perfect sense to me.

One of my favorite passages from the Bible (1 Cor 13:11) says “When I was a child, I spoke as a child, I understood as a child, I thought as a child: but when I became a man, I put away childish things.” That is some powerful stuff and wisdom to live by. Certainly that was the case with me.

Long ago before the birth of the internet, there were these things called BBS’ (Bulletin Board Systems). They were computers running software that would let you call into them with your computer through the phone line and game, chat and exchange data. Let me tell you, in its heyday, it was way cool. I ran several of these BBS’. I was the SysOp (System Operator). Anyhow, on many of these BBS’ you were encouraged to use a handle, like with a CB radio, to maintain your online presence. This had a practical purpose in that in those days bits weren’t as cheap to come by and someone’s handle normally would take up a lot less identifier space than their whole name. It was fun to have an alternate persona once in a while as well, I will admit.

The difference between those days and these days is there was always a local administrator with the pertinent information in case there was a problem. There is no such person anymore. It is almost impossible now to accurately moderate things on the internet. People of little conscience and wisdom use this flaw to hurt and abuse people with wild abandon.

Now I can see how having some avenue to anonymity has helped people as well. There are religious and political dissidents who have used this to be able to speak out against dictators, etc. I, however, think that for the most part, using your real name should be wholeheartedly encouraged. Don’t be afraid to stand up for what you think. Be brave enough to acknowledge the things that you have said and done.

I have had people, who I only know by their handle, ask me to refer them for jobs and other things. I just cannot do it. How do you tell a prospective employer that they really should give your online buddy “booger” or “captain bacon” a shot? How do you recommend someone like that? If it’s you, how do you point someone to your body of online work under that pseudonym and have them take you seriously?

Now we have even more than annoying flame-bait trolls, who we all wish would die in a fire. We have graduated to online cyber-bullying, where these bad people have used their evil to promote people getting hurt and even hurting themselves (remember that the pen is mightier than the sword).

Really, folks, it’s time for this to stop. Be who you are and be proud of it or use it as an opportunity to make yourself better! Who’s with me?

I have waited too long…



OK, I give. Apple has had their iPad out for MONTHS now and here I sit, still waiting for someone to get off their rump and give me a decent android alternative. Sure, there have been some cheapo knockoffs overseas that aren’t readily available here in the states. If you look at the specs, though, even those are quite underwhelming. They typically sport 7 inch displays, very low cpu speed and memory, an outdated version of Android OS and no Android Marketplace (difficult to get any apps on them without it). Take the Eken Tablet for instance. This sports the 7 inch display (woo.. :/), 600mhz proc, 2gb flash and Android 1.6. Now the price point is great at right around a hundred dollars U.S., however, everyone I have spoken to that has one says it’s quite sluggish and small.

Now there are a LOT of companies that SAY they have a viable alternative *under development* but, hey, I am getting tired of waiting on vapor-ware. I WANT my tablet folks. You would think that with the likes of LG and Cisco and Samsung and, gasp, Google, that I could have something really great rolling around in my messenger bag right now, but, alas, it is not so.

For those aforementioned companies who are vying to get my money first, here is what I would LIKE to see in an Android tablet, and I am willing to pay at least as much as the iPad alternative, however, inexpensive is a good word to keep in mind. I want a 10 inch screen. This is the minimum usable screen size in my opinion for my netbook and I cannot imagine reading or doing anything work related on something any smaller. I want horsepower. Again, my netbook sports a 1.6ghz proc and gets along pretty well. Slower in the cpu department would hobble the device for me. I need storage space, maybe 16gb or better. I would like to have some capacity to store multiple videos, documents and books to take with me. An SD card slot is great too, for this, but good local storage is always a plus. And speaking of SD capability, don’t diminish the usefulness of the device by not providing the necessary array of connections (SD, USB, audio, bluetooth) so I can easily transfer files and use all my favorite peripherals.

So guys, who will be first to step up to the plate?