Building A Simple Graylog Server on CentOS 7 For Log Analysis

In today’s world of constant, ongoing cyber attacks, administrators are seeking new and innovative ways to analyze existing log data to learn what is normal behavior and uncover compromise. Until

Microsoft AD DNS Debug Logging Format Error

I have been doing some experimentation in hopes of exporting and analyzing Microsoft AD DNS debug logs. The project goal is to export the relevant data to a Graylog analyzer

DNS Amplification Attack Against Scalable DNS

This morning I noticed a large number of the following DNS queries: Source: 23.245.180.16, Query: sunrisecx.com, Type: A. These queries were arriving at a constant rate of 5000 per minute

Massive DNS Amplification Attack Directed at Delta-Bank Ukraine

I don’t normally report on every DNS anomaly that I see but today I noticed that we are seeing massive amounts of DNS traffic directed at 193.47.85.126. More information regarding this