Archive for the ‘Uncategorized’ Category

Hello Readers! Well, I finally made it…the last post of the year.  I have to say I didn’t think I would be able to make my deadline every week, much less through the entire year.  And with the exception of one week (which screwed me up because of a time change), I managed to pull […]


Hello reader! This week we continue working with the Windows DNS script from last week.  The next step in my process was the ability to search the data.  Now in my case, I’m only interested in two fields, the Remote IP field and the Question Name field. Mind you this is designed around the script […]


Hello Reader! This week we’re going back and revisiting my Windows DNS script from a couple of weeks ago.  What I had planned to do when I first wrote the script is add the ability to write it all to a SQLite database.  After that I’m going to make a script that will let me […]


Hello Reader! This week we continue on to part three of parsing out a Norton NPE log file.  For this week's script, I wanted to focus on parsing out the File details section of the Suspicious Items section, eventually applying it to the Infection Detection section. I'm dealing with this in two parts, again because […]


Hello Reader! Well, we're coming into the home stretch.  It's week forty-eight, and only four weeks are left on the calendar.  To be honest I'm shocked I made it this far (and there were some close calls).  But the year isn't over, so on to this week's bit of code! I'm continuing to look at […]


Hello Reader! This week's post is going to be a quick one.  It's been a crazy week with some personal items I've been dealing with, which have consisted of sick family members, SNOMGPOCALYPSE, and a 24-hour power outage in my home.  So unfortunately I didn't get as far with this week's script as I […]


Hello Reader! This week we continue our Windows DNS log parsing script.  Most of this script consists of the functions I created to parse the data. First up is the function that parses out the Opcode field of the log.  This field has four possible options, and I’m just taking the value in the log […]
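The three Windows DNS posts above (the parsing functions and the Opcode field, writing the parsed data to a SQLite database, and searching on the Remote IP and Question Name fields) describe one pipeline. The following is an added example written for this page, not the author's script: it parses constructed Windows DNS debug-log PACKET lines, maps the four Opcode values (Q, N, U, ?) to their meanings, decodes the length-prefixed question name into a dotted hostname, loads the rows into SQLite, and searches them with parameterized queries so a search term can never alter the SQL. The field layout is the standard Microsoft debug-log layout as I know it, but the sample lines, table schema and function names are my assumptions and are not taken from the posts.

```python
"""Windows DNS debug log -> SQLite -> search.  Added example, not the blog's
own script.  Sample lines below are constructed, not real captures, and the
assumed field order is: date, time, thread id, context, packet id, UDP/TCP,
Snd/Rcv, remote IP, XID, optional 'R' (response), opcode, [flags], query
type, question name as (len)label(len)label(0)."""
import re
import sqlite3

# The four opcode letters the Windows DNS debug log uses and their meaning.
OPCODES = {"Q": "Standard Query", "N": "Notify", "U": "Update", "?": "Unknown"}

# Constructed sample log (hypothetical traffic, incl. one non-PACKET line).
SAMPLE_LOG = """\
1/5/2016 9:43:12 AM 0E94 PACKET  000000BC1A8B0C30 UDP Rcv 10.0.0.5        0002   Q [0001   D   NOERROR] A      (3)www(7)example(3)com(0)
1/5/2016 9:43:12 AM 0E94 PACKET  000000BC1A8B0C30 UDP Snd 10.0.0.5        0002 R Q [8081   DR  NOERROR] A      (3)www(7)example(3)com(0)
1/5/2016 9:43:15 AM 0E94 PACKET  000000BC1A8B0F10 UDP Rcv 10.0.0.7        9a1c   Q [0001   D   NOERROR] TXT    (4)evil(7)example(3)net(0)
1/5/2016 9:43:16 AM 0E94 PACKET  000000BC1A8B1000 TCP Rcv 10.0.0.9        0010   U [2800       NOERROR] SOA    (4)corp(5)local(0)
1/5/2016 9:43:17 AM 0E94 EVENT   The DNS server has started.
"""

# One regex instead of str.split(): the 'R' response column is blank on
# queries, so whitespace splitting would shift every later field.
LINE_RE = re.compile(
    r"^(?P<date>\S+)\s+(?P<time>\S+(?:\s+[AP]M)?)\s+"
    r"(?P<thread>[0-9A-Fa-f]+)\s+PACKET\s+(?P<packet_id>[0-9A-Fa-f]+)\s+"
    r"(?P<proto>UDP|TCP)\s+(?P<direction>Snd|Rcv)\s+(?P<remote_ip>\S+)\s+"
    r"(?P<xid>[0-9A-Fa-f]+)\s+(?:(?P<resp>R)\s+)?(?P<opcode>[QNU?])\s+"
    r"\[(?P<flags>[^\]]*)\]\s+(?P<qtype>\S+)\s+(?P<qname>\S+)"
)


def decode_qname(raw):
    """'(3)www(7)example(3)com(0)' -> 'www.example.com', checking each
    length prefix against the label it announces (a mismatch means a
    malformed line, which is worth knowing about rather than guessing)."""
    labels = []
    for length, label in re.findall(r"\((\d+)\)([^()]*)", raw):
        if int(length) != len(label):
            raise ValueError(f"length prefix mismatch in {raw!r}")
        if label:  # the trailing (0) is the root label; drop it
            labels.append(label)
    return ".".join(labels)


def parse_line(line):
    """Return a dict of fields for a PACKET line, or None for other lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    d = m.groupdict()
    d["is_response"] = 1 if d.pop("resp") else 0
    d["opcode_name"] = OPCODES[d["opcode"]]
    d["flags"] = d["flags"].strip()
    d["qname"] = decode_qname(d["qname"])
    return d


SCHEMA = """
CREATE TABLE IF NOT EXISTS dns_log (
    id INTEGER PRIMARY KEY, date TEXT, time TEXT, thread TEXT, packet_id TEXT,
    proto TEXT, direction TEXT, remote_ip TEXT, xid TEXT, is_response INTEGER,
    opcode TEXT, opcode_name TEXT, flags TEXT, qtype TEXT, qname TEXT);
CREATE INDEX IF NOT EXISTS idx_dns_ip ON dns_log(remote_ip);
CREATE INDEX IF NOT EXISTS idx_dns_qname ON dns_log(qname);
"""


def load_log(text, db_path=":memory:"):
    """Parse every line of `text` and bulk-insert the PACKET rows."""
    conn = sqlite3.connect(db_path)
    conn.executescript(SCHEMA)
    rows = [r for r in (parse_line(l) for l in text.splitlines()) if r]
    conn.executemany(
        "INSERT INTO dns_log (date, time, thread, packet_id, proto, direction,"
        " remote_ip, xid, is_response, opcode, opcode_name, flags, qtype, qname)"
        " VALUES (:date, :time, :thread, :packet_id, :proto, :direction,"
        " :remote_ip, :xid, :is_response, :opcode, :opcode_name, :flags,"
        " :qtype, :qname)", rows)
    conn.commit()
    return conn


def search_by_ip(conn, ip):
    """All questions seen from/to one remote IP; `?` keeps the IP as data."""
    return conn.execute(
        "SELECT qname, qtype, opcode_name, is_response FROM dns_log"
        " WHERE remote_ip = ? ORDER BY id", (ip,)).fetchall()


def search_by_qname(conn, like_pattern):
    """Distinct (remote_ip, qname) pairs whose name matches a LIKE pattern,
    e.g. '%example%'.  Parameterized, so the pattern cannot inject SQL."""
    return conn.execute(
        "SELECT DISTINCT remote_ip, qname FROM dns_log"
        " WHERE qname LIKE ? ORDER BY remote_ip", (like_pattern,)).fetchall()


if __name__ == "__main__":
    db = load_log(SAMPLE_LOG)
    print(search_by_ip(db, "10.0.0.5"))
    print(search_by_qname(db, "%example%"))
```

Swapping `":memory:"` for a file path keeps the database between runs; the two indexes are there because Remote IP and Question Name are the only columns the searches hit. If a caller passes raw user input as the LIKE pattern, remember that `%` and `_` are wildcards and escape them if an exact match is wanted.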