Author Archives: Scott
Cyber Range Lab Assignment 4
In this lab we take a look at how Snort rules are written and configured, as well as how to make use of them when they are noisy. We then look at iptables, and configure a local host-based firewall to …
Cyber Range Lab Assignment 3
This lab is titled: Hands-on with Encryption Primitives and Block Cipher Modes of Operation. In it we use and compare four different AES-128 modes of operation in different file types and situations to see which are more secure and which …
Cyber Range Lab Assignment 2
This laboratory exercise is about password auditing and buffer overflows.
Cyber Range Lab Assignment 1
This laboratory exercise focuses on Linux networking and command line tools.
Cyber Range Evaluation Report
This report compares three commercial cyber range platforms, using a comparison matrix to score them on their features.
Use Bro to spot SSL phishing pages (part 1)
A lot of phishes are starting to use SSL certificates, and this makes things interesting for a few reasons. Two big ones are: – End users are trained to look for the green padlock, because if it’s there the page …
Posted in Bro
How to Integrate CIF feeds into Bro Intel files
So you set up an SSH honeypot and are gathering data, but what do you do with it? If you have Bro installed, you can integrate your feeds for monitoring in less than 15 minutes. I’ll show you how to pull …
Posted in Bro, CIF, CSIRTG
Install a SSH honeypot, and have the data logged in 3 easy steps
Did you ever wonder who is trying to log on to your server? Here is how to set up an SSH honeypot inside a Docker container that sends the data to CSIRT Gadgets using the Collective Intelligence Framework (CIF) …
Posted in CIF, Docker, SSH