Building a toolbox around threat intelligence can be done with freely available tools. Shared information about malicious behaviour allows you to detect and sometimes prevent activity from – and to – Internet resources that could compromise your systems’ security. I’ve already described how to use lists of malicious domain names in a BIND RPZ (Response […]
Tags: BIND, Bro, comp, DNS, firewall, NetFlow, network, ossec, OTX, security, SiLK
In the continuing quest to install security software on Raspberry Pis, testing their capacity to be used as small nodes that can be placed here and there on demand, the time has come for installing Bro. The hardware/OS in question is a Raspberry Pi 2, with 1G RAM and 4 CPU cores. It’s running the […]