security onion: watching for leeks

Post on 15-Apr-2017

Security Onion: Watching for Leeks

Building a home network security monitor

YSWIDT?

How many devices are on your home network?

Routers/Switches

Computers

Phones

Tablets

Roku/AppleTV/FireStick/ChromeCast/Smart TVs

Internet of Things Devices

Do you have a good handle on what these systems are doing?

Data leakage

Compromised systems

Privacy concerns

Parental monitoring

“There’s got to be a better way.”

- Countless Lame Infomercials

Let’s build a home network security monitor

Requirements

Cheap - Needs to be low cost/free and run on commodity hardware

Easy - This is to monitor a home network for increased security. Not to become a second job. #lazyhacker

Enter Security Onion

Security Onion

Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management.

http://blog.securityonion.net/

https://security-onion-solutions.github.io/security-onion/

Features

Full Packet Capture - Using netsniff-ng SO can perform full packet capture and store as much as your storage allows

NIDS - Both signature based (Snort / Suricata) and analysis based (Bro)

HIDS - Uses OSSEC to track system level indicators

Various Tools for analyzing all this data:

Sguil, Squert, Snorby, ELSA, Xplico, NetworkMiner
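Tying the "do you have a good handle on what these systems are doing?" question to the Bro analysis feature: the following is an added example, not code from the slides or from the Security Onion project, that reads a Bro conn.log as written by a Security Onion sensor, totals outbound bytes per home device and flags the chatty ones (the candidate "leeks"). The sample log lines, the 192.168.1.0/24 home network and the 10 MiB threshold are constructed assumptions.

```python
"""Per-device outbound traffic summary from a Bro (Zeek) conn.log."""
import ipaddress

# Constructed sample in Bro's tab-separated ASCII layout, trimmed to the
# #fields header; real logs carry extra #separator/#types/#close lines.
SAMPLE_CONN_LOG = """\
#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice\tduration\torig_bytes\tresp_bytes\tconn_state
1492214400.000000\tCabc1\t192.168.1.20\t51000\t93.184.216.34\t443\ttcp\tssl\t12.5\t2048\t51200\tSF
1492214401.000000\tCabc2\t192.168.1.30\t52000\t203.0.113.9\t443\ttcp\tssl\t300.0\t52428800\t4096\tSF
1492214402.000000\tCabc3\t192.168.1.30\t52001\t192.168.1.1\t53\tudp\tdns\t0.01\t60\t120\tSF
1492214403.000000\tCabc4\t192.168.1.40\t52002\t198.51.100.7\t80\ttcp\thttp\t1.0\t-\t-\tS0
"""

HOME_NET = ipaddress.ip_network("192.168.1.0/24")  # assumed home LAN

def parse_conn_log(text):
    """Yield one dict per record, naming columns from the #fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line.startswith("#") or not line.strip():
            continue
        elif fields:
            yield dict(zip(fields, line.split("\t")))

def outbound_bytes_per_host(text, home_net=HOME_NET):
    """Sum orig_bytes sent by home hosts to addresses outside home_net."""
    totals = {}
    for rec in parse_conn_log(text):
        src = ipaddress.ip_address(rec["id.orig_h"])
        dst = ipaddress.ip_address(rec["id.resp_h"])
        if src not in home_net or dst in home_net:
            continue  # skip inbound and purely local flows (e.g. DNS to the router)
        sent = rec["orig_bytes"]
        if sent == "-":  # Bro's unset marker, e.g. a connection that never completed
            continue
        totals[str(src)] = totals.get(str(src), 0) + int(sent)
    return totals

def flag_leaks(totals, threshold=10 * 1024 * 1024):
    """Return hosts whose outbound volume exceeds threshold bytes (assumed 10 MiB)."""
    return sorted(h for h, b in totals.items() if b > threshold)

if __name__ == "__main__":
    totals = outbound_bytes_per_host(SAMPLE_CONN_LOG)
    for host, sent in sorted(totals.items()):
        print(f"{host}: {sent} bytes out")
    print("over threshold:", flag_leaks(totals))
```

Point it at /nsm/bro/logs/current/conn.log on a sensor (path as documented by the project; not checked here) to get the same summary for live traffic.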

You were saying this would be easy?

https://webbreacher.wordpress.com/2014/05/26/home-internet-security-setting-up-the-onion/

https://webbreacher.wordpress.com/2014/05/26/home-internet-security-setting-up-the-onion/

https://webbreacher.wordpress.com/2014/05/26/home-internet-security-setting-up-the-onion/

Isn’t this expensive enterprise level stuff?

How do I get it?

Download the ISO image and “NextNextNext” through the install and setup (Easiest)

Add the appropriate repositories to Ubuntu 12.04 or 14.04 and install the packages with apt-get

Recommend ntopng

References

https://github.com/Security-Onion-Solutions/security-onion/wiki

https://www.bro.org/

http://suricata-ids.org/

http://www.ntop.org/products/traffic-analysis/ntop/

Questions?

Kory Kyzar k2@korrosivesecurity.com

@0xktwo