Listening to Web Attacks Remixed!

Early last year I published a fun tool called sigsci-sounds for users of Signal Sciences — my prior blog post can be read here. Sigsci-sounds monitors attack and anomaly data and will play a sound for each type of attack or anomaly. Rather than trolling logs or staring at dashboards, let your web application tell you when it’s being attacked. In this post, I want to let you know about several improvements to sigsci-sounds.

Photo by Spencer Imbrock on Unsplash

The Remix Specifics

First off, you can find sigsci-sounds on Github here. Written in Go, sigsci-sounds was one of my first projects to start learning Go — and also why it was in dire need of improvements! Here is the list:

  • Local OS sound files are no longer required for the default configuration: the repo now includes numerous sound files.
  • Themes! It now comes with several themes to choose from — more details below. You can easily create your own themes too. More details on that in the Readme file here.
  • Go-sigsci: it now leverages the official Go client library for the Signal Sciences API. This library can be found on Github here.

Bundled Themes

photo source

This is the fun part. Imagine being alerted to SQL injection attacks with the sound of a photon torpedo firing! Or Eric Cartman from South Park yelling at you so you’re aware something is happening that you probably should take a look at. Here is the current list of bundled themes:

  • A-Team
  • Batman (Holy mashed potatoes! lol)
  • Lost in Space
  • Mac OS X (default theme)
  • Microsoft Windows
  • South Park
  • Space Ghost
  • Star Trek TOS

I have to admit, one of my favorites is Space Ghost yelling “Nooooo” for about 30 seconds.

photo source

Conclusion

While you can have a lot of fun with themes, this really can be an effective way to monitor security events. Most likely you have a busy schedule and don’t always have time to periodically review dashboard data. With sigsci-sounds running in the background throughout your day, it will tell you about the security events you care about the most.


Originally published at labs.signalsciences.com.