Visualising Network Threats

  • Published: 4 Aug 2024
  • Gain visibility of security threats to your network by combining Suricata's network intrusion detection with data visualisation tools and dashboards.
    This video will introduce several options ranging from a simple GUI to detailed threat hunting.
    📽️ Suricata Getting Started Guide
    • Network Intrusion Dete...
    📽️ Elasticsearch Vs OpenSearch
    • Search War: Elasticsea...
    🌐 EveBox
    Home - evebox.org/
    Documentation - docs.evebox.org/en/release/
    Wiki - github.com/jasonish/evebox/wiki
    🌐 Wazuh
    Home - wazuh.com/
    Quickstart Guide - documentation.wazuh.com/curre...
    Suricata Integration - documentation.wazuh.com/curre...
    🌐 Elastic Stack
    Home - www.elastic.co/
    Elasticsearch Installation - www.elastic.co/guide/en/elast...
    Kibana Installation - www.elastic.co/guide/en/kiban...
    API Keys for Agents - www.elastic.co/guide/en/fleet...
    💬 Follow Me
    / andrewmrquinn
    Video timestamps:
    0:00 - Introduction
    1:12 - EveBox
    6:16 - Wazuh
    8:22 - Elastic Stack
    14:13 - Runners Up
    #Suricata #Wazuh #Elasticsearch #Kibana #CyberSecurity
    The Pro Tech Show provides tech, tips, and advice for IT Pros and decision-makers.
  • Science

Comments • 14

  • @ProTechShow
    @ProTechShow 1 year ago

    Update: The installation issues I encountered with SELKS have been resolved by Stamus Networks. Both the setup script and the wiki have been updated.

  • @jasonish
    @jasonish 1 year ago +7

    Author of EveBox here. Thanks for the mention; what you said basically met my goals. The documentation and other items, such as an actually usable default configuration file being installed, are on my to-do list.
    I agree with what you said about security; however, I feel it's good enough, or at least as good as using basic auth on a reverse proxy. Would you recommend going the Wazuh way of forcing a username and password? Then I'd also want to force a self-signed TLS certificate. Of course, this often gets in the way of convenience, so there is a balance.

    • @ProTechShow
      @ProTechShow 1 year ago +2

      Hi Jason, and thanks for all the work you've put in!
      I think more secure defaults are always better so I'd be in favour of a random password and self-signed certificate out of the box, with the option to disable it in favour of a reverse proxy (e.g. the user may prefer to implement some kind of SSO on a proxy).
      My primary security concern isn't about your implementation; it's more about your time. I tend to assume that all software has vulnerabilities yet to be discovered. At the moment it appears that you _are_ EveBox, so if there were a vulnerability it would likely go unresolved until you found out about it, fixed it, and published a fix. I assume this is something you fit in when you have time, and there's no guarantee that you wouldn't be sick or on holiday when a vulnerability was discovered, so it doesn't seem reasonable to assume any kind of SLA for patches to become available if you're not being paid for it. There could be a zero-day vulnerability discovered for NGINX, but they have a full-time team of developers and a commercial product dependent on it, so it seems more reasonable to expect a timely fix from them. I see putting NGINX in front of EveBox as a sensible way for users to mitigate the risk.

    • @MatthewGP
      @MatthewGP 1 year ago +1

      Thank you for EveBox! It's an awesome project.

  • @user-tj5ct6vh7t
    @user-tj5ct6vh7t 1 year ago

    All the videos on this channel are very helpful 👍

  • @TomNook.
    @TomNook. 1 year ago

    Thanks for this video! Eye candy when SHTF is essential!

  • @DunOpondo
    @DunOpondo 1 year ago

    Great video 👊🏿

  • @PowerUsr1
    @PowerUsr1 1 year ago

    So say I'm running pfSense (I am running pfSense), hehe, how do I export those logs to EVE? I've read about Filebeat but can't seem to locate it in the FreeBSD repository.

    • @ProTechShow
      @ProTechShow 1 year ago +1

      Suricata can output EVE JSON to syslog instead of a file. Your best bet might be to do that and use syslog to throw the data over to Logstash/Elasticsearch.
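The suricata.yaml fragment that implements the answer above, added here as an example and not taken from the video, the comment thread or the Suricata project files. The `filetype`, `identity`, `facility` and `level` keys are the documented eve-log options; choosing `local5` and a dedicated identity is this example's assumption so that a syslog rule can match only EVE records.

```yaml
# Added example: switch Suricata's EVE output from eve.json to the local syslog
# daemon, which can then forward the records to Logstash/Elasticsearch.
# Assumptions: facility local5 and identity "suricata" are picked here so a
# forwarding rule can select EVE records and nothing else.
outputs:
  - eve-log:
      enabled: yes
      filetype: syslog          # instead of regular (file); one JSON record per syslog message
      # prefix: "@cee: "        # optional marker that lets downstream parsers find the JSON
      identity: "suricata"      # syslog tag (program name) seen by the syslog daemon
      facility: local5          # dedicate a facility so only EVE records are forwarded
      level: Info               # syslog severity applied to every EVE record
      types:                    # keep the record types the dashboards actually use
        - alert
        - dns
        - http
        - tls
        - flow
```

Syslog daemons impose a maximum message size (rsyslog's legacy `$MaxMessageSize` defaults to a few kilobytes), and long EVE records such as `http` or `tls` events can be truncated and then fail JSON parsing in Logstash, so raise that limit or trim the `types` list if records arrive cut off.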

  • @aymenedjr
    @aymenedjr 1 year ago

    Hi, I hope you answer this comment. I'm having a BSOD with error code WHEA_UNCORRECTABLE_ERROR, but it happens only when I'm using my battery. I bought this laptop new and I've been using it for 2 months now. Sometimes it doesn't happen at all, but still it happens.

    • @ProTechShow
      @ProTechShow 1 year ago

      This video shows you how to troubleshoot a BSoD: ruclips.net/video/odZsRBMBXB0/видео.html