Packet Threat Analysis

Everyone needs to do some housekeeping at different points, and I figured it was time I did some a basic security sweep of my setup. To get started, I performed a quick packet capture on the very server that hosts this blog. I decided to give one of CloudShark's newer and more distinct features a spin with my recently created account; their Threat Assessment tool. I thought it would be interesting to pit this against PacketTotal as well. These are both great tools with similar, but also different purposes. At the time, I had SSH and web ports open along with a few other unused ports for various common services. The only true security measure in place was a few basic iptables rules. CloudShark What I Liked: Up front, quick severity level rating dashboard Brief descriptions of issues which helps puts everything in laymen's terms World map view Privacy settings External references to source data and additional information Ability to view the...
Read More