Your friendly neighborhood AppSec advisor and honeypot enthusiast. Formerly @ Goldman Sachs and Ernst & Young. Find his thoughts in code form committed to Github.
Early last year I published a fun tool called sigsci-sounds for users of Signal Sciences — my prior blog post can be read here. Sigsci-sounds monitors attack and anomaly data and will play a sound for each type of attack or anomaly. Rather than trolling logs or staring at dashboards, let your web application tell you when it’s being attacked. In this post, I want to let you know about several improvements to sigsci-sounds.
First off, you can find sigsci-sounds on Github here. Written in Go, sigsci-sounds was one of my first projects to start learning Go — and also why it was in dire need of improvements! Here is the list:
Local OS sound files are no longer required for the default configuration: the repo now includes numerous sound files.
Themes! It now comes with several themes to choose from — more details below. You can easily create your own themes too. More details on that in the Readme file here.
This is the fun part. Imagine being alerted to SQL injection attacks with the sound of a photon torpedo firing! Or Eric Cartman from South Park yelling at you so you’re aware something is happening that you probably should take a look at. Here is the current list of bundled themes:
Batman (Holy mashed potatoes! lol)
Lost in Space
Mac OS X (default theme)
Star Trek TOS
I have to admit, one of my favorites is Space Ghost yelling “Nooooo” for about 30 seconds.
While you can have a lot of fun with themes, this really can be an effective way to monitor security events. Most likely you have a busy schedule and don’t always have time to periodically review dashboard data. With sigsci-sounds running in the background throughout your day, it will tell you about the security events you care about the most.