[blog.rayfoo] Infosec, DFIR, tech geekery, thoughts and whatnot

20 Apr 2010

Getting additional (IP/network/location) info along with your Splunk searches

Chanced upon some of this info by accident (smack at the bottom of one part of the Splunk documentation...), but I can't find it now.  Going to share it here anyway :D

Many (probably most) of your searches will involve public IP addresses, and more often than not you want additional information alongside the bare address to work with.

Three things Splunk can do for you automatically are IP geolocation, reverse lookup (IP address to hostname) and forward lookup (hostname to IP address).
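The two DNS lookups can be wired into Splunk as a scripted (external) lookup, so the search enriches events without a manual copy-and-paste per address. The script below is an added example, not code from this blog post or from Splunk; it follows the protocol Splunk uses for external lookups (field names arrive as command-line arguments, a CSV with those columns arrives on stdin, and the script writes the same CSV back on stdout with the blank column filled in). The field names `clienthost`/`clientip`, the `StubResolver` and its RFC 5737 addresses are assumptions made for the illustration so it runs offline.

```python
#!/usr/bin/env python3
"""Splunk-style external lookup that resolves IP <-> hostname.

Added example; not code from the blog. Field names 'clienthost'/'clientip'
and the offline StubResolver are assumptions for this illustration.
"""
import csv
import io
import socket
import sys


def forward_lookup(host, resolver=socket):
    """hostname -> IP address; empty string when the name does not resolve."""
    try:
        return resolver.gethostbyname(host)
    except OSError:  # socket.gaierror / socket.herror are OSError subclasses
        return ""


def reverse_lookup(ip, resolver=socket):
    """IP address -> canonical hostname (PTR); empty string when none exists."""
    try:
        return resolver.gethostbyaddr(ip)[0]
    except OSError:
        return ""


def enrich_rows(rows, host_field, ip_field, resolver=socket):
    """Fill whichever of the two columns is empty; rows with both set are untouched."""
    out = []
    for row in rows:
        row = dict(row)
        host = (row.get(host_field) or "").strip()
        ip = (row.get(ip_field) or "").strip()
        if ip and not host:
            row[host_field] = reverse_lookup(ip, resolver)
        elif host and not ip:
            row[ip_field] = forward_lookup(host, resolver)
        out.append(row)
    return out


def process_csv(text, host_field, ip_field, resolver=socket):
    """Run the lookup over a CSV document and return the enriched CSV text."""
    reader = csv.DictReader(io.StringIO(text))
    rows = enrich_rows(reader, host_field, ip_field, resolver)
    # An empty input has no header; still emit one so Splunk gets valid CSV.
    fieldnames = reader.fieldnames or [host_field, ip_field]
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=fieldnames, lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()


class StubResolver:
    """Constructed, offline stand-in for the socket module (an assumption of
    this example; real runs use the default socket resolver). Addresses come
    from the RFC 5737 documentation range."""
    FWD = {"www.example.com": "192.0.2.10", "mail.example.com": "192.0.2.25"}

    def gethostbyname(self, host):
        if host not in self.FWD:
            raise socket.gaierror(-2, "Name or service not known")
        return self.FWD[host]

    def gethostbyaddr(self, ip):
        for host, addr in self.FWD.items():
            if addr == ip:
                return (host, [], [ip])
        raise socket.herror(1, "Unknown host")


if __name__ == "__main__":
    # Splunk runs it as:  dns_lookup.py clienthost clientip
    # (argument order must match the fields named in transforms.conf)
    host_field, ip_field = sys.argv[1], sys.argv[2]
    sys.stdout.write(process_csv(sys.stdin.read(), host_field, ip_field))
```

Drop the script into an app's `bin` directory, register it in that app's `transforms.conf` with a stanza such as `external_cmd = dns_lookup.py clienthost clientip` and `fields_list = clienthost, clientip`, and call it from a search with `| lookup <stanza> clientip OUTPUT clienthost`. Two caveats worth remembering: Splunk issues one DNS query per distinct value, so a wide search over months of logs can fire thousands of lookups, and a reverse lookup of an attacker's address is answered by whoever controls that reverse zone, so resolving every suspicious IP from your analysis box tells them you are looking.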

5 Feb 2010

Installing Ubuntu 7.04 server in VirtualBox

As part of fiddling around with Metasploit, I needed a victim box to test things on (we don't want to be attacking a live site, do we?  Especially one we don't own...), so here is a modification of the instructions in Offensive Security's walkthrough, adapted to our needs.

I wanted to run the victim machines in VirtualBox instead of VMware Player, and after some experimentation and Googling around about the crashing issue, here are the instructions for getting things up and running.

Host OS: Ubuntu 9.10
VirtualBox 3.1.2
Guest OS: Ubuntu 7.04 Server

30 Sep 2009

Getting your server to send an email whenever anyone logs in

Running on a VPS like Linode gives me plenty of control over what is run, and also plenty of chances to learn more about network administration (along with the heartaches). :P

The code I used was based on this forum post. It presumes that your MTA has already been set up properly. The original code was for protecting your root account (i.e. whenever anyone logs into your server's root account, you get a notification).

(Note: it is usually not advisable to log in as root. Create a user account and give it sudo rights instead. I'd say that's advisable even for servers where only one person, you, is ever expected to log in.)
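What such a hook looks like in practice, as an added example (this is not the forum post's script or the blog's own code): a snippet sourced by every interactive login shell that mails a short who/where/when report. As the post says, it assumes a working MTA; it also assumes a `mail` command (bsd-mailx or mailutils) and uses `LOGIN_ALERT_TO`, a setting invented for this example, for the recipient address.

```sh
#!/bin/sh
# /etc/profile.d/login-alert.sh  (added example; not from the blog or the forum post)
# Sourced by every interactive login shell on Ubuntu; mails a report of who
# logged in, from where and when. Assumes a working MTA and a `mail` command.
# LOGIN_ALERT_TO is this example's own setting: put your address here or export
# it from /etc/environment. Leaving it empty disables sending (handy on a test box).
LOGIN_ALERT_TO="${LOGIN_ALERT_TO:-}"

# login_subject USER HOST SSH_CONNECTION -> one-line subject.
# The first field of SSH_CONNECTION (set by OpenSSH) is the client IP; console
# logins have it unset, so they are reported as "local console".
login_subject() {
    from="${3%% *}"
    [ -n "$from" ] || from="local console"
    printf 'Login: %s@%s from %s' "$1" "$2" "$from"
}

# login_report USER HOST SSH_CONNECTION [WHEN] -> message body.
# WHEN is optional so the body is reproducible; it defaults to the current UTC time.
login_report() {
    from="${3%% *}"
    [ -n "$from" ] || from="local console"
    when="${4:-$(date -u '+%Y-%m-%d %H:%M:%S UTC')}"
    printf 'Login alert\n\nUser: %s\nHost: %s\nFrom: %s\nWhen: %s\nSSH_CONNECTION: %s\n' \
        "$1" "$2" "$from" "$when" "${3:-(none)}"
}

# notify_login: send the report in the background so a slow MTA never delays
# the prompt, and never fail loudly: a broken alert must not break logins.
# (Which also means you should test it once; silence may mean a dead MTA.)
notify_login() {
    [ -n "$LOGIN_ALERT_TO" ] || return 0
    user="${USER:-$(id -un)}"
    host="$(hostname)"
    conn="${SSH_CONNECTION:-}"
    login_report "$user" "$host" "$conn" \
        | mail -s "$(login_subject "$user" "$host" "$conn")" "$LOGIN_ALERT_TO" \
        >/dev/null 2>&1 &
}

notify_login
```

Placing it in `/etc/profile.d/` covers every user; to watch only the root account, as the original forum code did, put the same lines in `/root/.bash_profile` instead. Two limits to keep in mind: profile scripts run only for interactive login shells, so `ssh host command`, scp and sftp sessions never trigger it, and anyone who becomes that user (or root) can simply delete the hook. Treat it as a tripwire that complements `/var/log/auth.log`, not as a replacement for it.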