Raspberry Pi
BroIDS (6:18)
Dependencies
Running make on Bro takes a long time, around 45 mins
Then make install
GW
Span / mirror port
Critical Stack plugs into Bro
Logstash (ELK stack)
inputs
filters
outputs
Elasticsearch (database)
Kibana
Visualization engine (pie charts)
https://github.com/travisfsmith/sweetsecurity
Updated
Watching to make sure we are receiving packets
watch ifconfig eth0
We can use BPF to whitelist certain traffic, like Netflix traffic for example, so the sensor does not spend time on it.
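A sketch of building that BPF exclusion filter from a list of whitelisted networks. This is an added example, not part of the original notes or the sweetsecurity project; the function name and the sample ranges (documentation prefixes standing in for a streaming service's real networks) are assumptions.

```python
import ipaddress

# Constructed sample ranges (RFC 5737 / RFC 3849 documentation prefixes),
# standing in for a streaming service's published networks.
SAMPLE_WHITELIST = [
    "198.51.100.0/25",
    "198.51.100.128/25",   # adjacent to the line above, merges into one /24
    "203.0.113.7",         # single host
    "2001:db8:10::/48",
]


def build_exclusion_filter(cidrs):
    """Return a BPF expression that drops traffic to/from the given networks."""
    v4, v6 = [], []
    for entry in cidrs:
        # strict=True rejects entries with host bits set (e.g. 10.0.0.1/8),
        # which usually means a typo in the whitelist.
        net = ipaddress.ip_network(entry.strip(), strict=True)
        (v4 if net.version == 4 else v6).append(net)
    # Collapse overlapping and adjacent ranges so the compiled filter stays short.
    merged = list(ipaddress.collapse_addresses(v4))
    merged += list(ipaddress.collapse_addresses(v6))
    if not merged:
        return ""  # nothing whitelisted: capture everything
    terms = []
    for net in merged:
        if net.num_addresses == 1:
            terms.append(f"host {net.network_address}")
        else:
            terms.append(f"net {net.with_prefixlen}")
    return "not (" + " or ".join(terms) + ")"


if __name__ == "__main__":
    print(build_exclusion_filter(SAMPLE_WHITELIST))
```

The resulting string can be checked with tcpdump on the monitoring interface before handing it to Bro with its -f option. Keep the whitelist narrow, since anything it matches is never seen by the sensor.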
MikroTik routers can capture packets on the router itself.
We need a 64-bit OS to install RITA
Looks like we can get a VDSL SFP for MikroTik