There are a few blogs out there on the internet that walk you through setting up a pfSense Splunk forwarder, and a few more that talk about getting your suricata IDS logs into your Splunk, but there is not an all-in-one guide to help you do both. I wrote a blog post for my work which can be read here!
At the time of writing this, we do not have very much in place to enforce what passwords can and can’t be used on the network aside of the standard group policy controls. In the past, I used to gather AD Password hashes from the domain controller and then run the password through hashcat in order to give me a list of user passwords; The Domain Password Spray Powershell script from Dafthack changes everything.
I am currently working on setting up my website (austinoneil.com) to be SSL encrypted. The webserver is currently setup with Microsoft IIS and is not currently configured to be SSL secure. Today, we shall change this.
Read more SSL on IIS 8.5 Web Server using Let’s Encrypt