Category Archives: CIF

How to Integrate CIF feeds into Bro Intel files

So you set up a SSH honeypot¬†and are gathering data, but what do you do with it? If you have Bro installed, you can integrate your feeds for monitoring in less than 15 minutes. I’ll show you how to pull … Continue reading

Posted in Bro, CIF, CSIRTG | Leave a comment

Install a SSH honeypot, and have the data logged in 3 easy steps

Did you ever wonder who is trying to log on to your server? Here is how to set up a SSH honeypot inside of a Docker container that sends the data to CSIRT Gadgets using the Collective Intelligence Framework (CIF) … Continue reading

Posted in CIF, Docker, SSH | Leave a comment