The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,099 other followers

Archive for July 15th, 2020

logging facility in Synopse seems to be an interesting alternative to JclDebug. Need to check out how they differ in looking up the method name for tracing.

Posted by jpluimers on 2020/07/15

On my todo list, as Synops is updated more often than JCL: [WayBack] The logging facility in Synopse seems to be an interesting alternative to JclDebug: According to this StackOverflow answer, one of its features is looki… – Thomas Mueller (dummzeuch) – Google+

–jeroen

Posted in Delphi, Development, Software Development | Leave a Comment »

GitHub – gamelinux/passivedns: A network sniffer that logs all DNS server replies for use in a passive DNS setup

Posted by jpluimers on 2020/07/15

Cool tool: [WayBackGitHub – gamelinux/passivedns: A network sniffer that logs all DNS server replies for use in a passive DNS setup via [WayBack] How to log all my DNS queries? – Unix & Linux Stack Exchange (thanks mxmlnkn!).

It listens on port 53 for DNS requests then logs them to a file on regular intervals aggregating similar requests.

Usage is simple:

# passivedns -i ens32 -l /var/log/passivedns.log

[*] PassiveDNS 1.2.0
[*] By Edward Bjarte Fjellskål <edward.fjellskaal@gmail.com>
[*] Using libpcap version 1.8.1
[*] Using ldns version 1.7.0
[*] Device: ens32
[*] Sniffing...

There are more options in the docs (it can do a lot including export to databases for querying), but this simple one allows you to just grep over abusive hosts like [WayBack] Nice when someone in Dallas using 69.162.119.78 is querying your DNS infrastructure for many permutations of domains… · GitHub

Originating in 2013 ([WayBack] PassiveDNS version 1.0 | GameLinux), it still is being maintained.

It uses libpcap for sniffing and I ran it on separate machine hooked to a vSwitch configured in promiscuous mode so it sees all network traffic from that particular network segment.

There is a not fully up-to-date package available for various OpenSuSE releases (including Tumbleweed) [WayBack] Install package home:mnhauke:security / passivedns. It is x86_64 only, so if you want to run it on ARM, or want a more recent version then you need to build it yourself, for instance by using this as a template: [WayBack] Show home:mnhauke:security / passivedns – openSUSE Build Service.

Next tool on my list to try: [WayBack] dnstracer(8) – Linux man page.

–jeroen

Read the rest of this entry »

Posted in *nix, *nix-tools, Development, DevOps, Infrastructure, Linux, openSuSE, Power User, SuSE Linux, Tumbleweed | Leave a Comment »

SAFECode updates its guide on best secure software development practices – SD Times

Posted by jpluimers on 2020/07/15

Interesting to see is how much is not about actual coding, but of tooling, testing, processes, operations and mindset.

[WayBackSAFECode updates its guide on best secure software development practices – SD Times

PDF: [WayBack] SAFECode releases Fundamental Practices for Secure Software Development: Essential Elements of a Secure Development Life Cycle Program (Third Edition).

Table of Contents:

Page;Topic
 4; Executive Summary
 5; Introduction
 5;  Audience
 6; SAFECode Guidance and Software Assurance Programs
 7; Application Security Control Definition
 7;  Actively Manage Application Security Controls
 9; Design
 9;  Secure Design Principles
10;  Threat Modeling 
11;  Develop an Encryption Strategy
12;  Standardize Identity and Access Management
14;  Establish Log Requirements and Audit Practices  
15; Secure Coding Practices
15;  Establish Coding Standards and Conventions
15;  Use Safe Functions Only
17;  Use Code Analysis Tools To Find Security Issues Early
17;  Handle Data Safely 
20;  Handle Errors 
21; Manage Security Risk Inherent in the Use of Third-party Components
22; Testing and Validation
22;  Automated Testing
24;  Manual Testing
27; Manage Security Findings 
27;  Define Severity
28;  Risk Acceptance Process. 
29; Vulnerability Response and Disclosure
29;  Define Internal and External Policies
29;  Define Roles and Responsibilities
30;  Ensure that Vulnerability Reporters Know Whom to Contact 
30;  Manage Vulnerability Reporters
30;  Monitor and Manage Third-party Component Vulnerabilities 
31;  Fix the Vulnerability
31;  Vulnerability Disclosure
32;  Secure Development Lifecycle Feedback  
33; Planning the Implementation and Deployment of Secure Development Practices
33;  Culture of the Organization 
33;  Expertise and Skill Level of the organization 
34;  Product Development Model and Lifecycle
34;  Scope of Initial Deployment
35;  Stakeholder Management and Communications
35;  Compliance Measurement 
36;  SDL Process Health
36;  Value Proposition.
37; Moving Industry Forward
37;  Acknowledgements
38;  About SAFECode

–jeroen

Posted in Development, Security, Software Development | Leave a Comment »

 
%d bloggers like this: