RPM package creation for BRO IDS Deployments.

There are two ways to install BRO: download the source and compile it for your machine, or install BRO from a package. Compiling from source is a great option that allows for customization, but it can become problematic when deploying BRO on […]

Installing pf_ring on CentOS 7 using yum

PF_RING is software that installs a network socket allowing for “High-speed packet capture, filtering and analysis” (https://www.ntop.org/products/packet-capture/pf_ring/). It is useful in applications where capturing a lot of network traffic is a requirement, such as Snort or BRO IPS/IDS deployments. When possible, I use salt to manage pf_ring deployments, but manual steps are condensed from the […]

BRO and Fortinet Content Packs on Graylog Marketplace

Content Packs for Graylog: Lately, I have been working with Graylog a lot, so I decided to update a few items on GitHub and update their entries on the Graylog marketplace website. BRO content pack for Graylog: The BRO IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog […]
