This is the first post in a multi-part series explaining how to use Suricata to make an NDR (Network Detection and Response) program. But first: what is Suricata? It’s an IDS (Intrusion Detection System). This means it’s a tool that analyzes network traffic and determines if it’s malicious or suspicious. You may be thinking “why…
Let’s dive in! Fire up Kali and run all commands as root. In my previous posts, I’ve covered how ifconfig helps identify network information. Ubuntu, by default, controls network configurations with Netplan. Let’s install a better program called ifupdown. It’s much easier to use: all of the network information can be configured in one simple…
You might be thinking “Asher, I’m in cybersecurity. Isn’t it the Sysadmin’s job to handle backups?” Think back to the CIA triad: Confidentiality, Integrity, and Availability. Backups certainly fall under Availability. You should know how your organization’s data is backed up, so you can protect it. You should also know how the backups themselves work.…
Imagine this scenario: You’re an analyst for a large organization, and you suspect there’s an infected box. You decide to analyze the outbound network traffic. You SSH to the firewall and do a packet capture with tcpdump. This is a 10.0.0.0/24 network with 200 subnets traveling through the firewall. With a 24-bit subnet mask,…
This post will demonstrate how to capture packets with tcpdump and analyze them with Wireshark. I’m going to capture the traffic of me logging into the website http://testphp.vulnweb.com/login.php. It’s an unencrypted communication, so I’ll be able to capture the password. First, open a terminal in Kali Linux. You need to find the name of the…
Hello everyone! This is a step-by-step guide for making your own self-hosted, secure cybersecurity portfolio with WordPress. Here’s the process: STEP 1: MAKING DIGITAL OCEAN ACCOUNT. Go to https://www.digitalocean.com and make an account (or sign in, if you have one). STEP 2: MAKE A PROJECT. Click the “+ New Project” button on the left-hand side.…