infosec ninjas
play

InfoSec Ninjas Croissants Intrusion Detection and Prevention System - PowerPoint PPT Presentation

Mar 08, 2024 •140 likes •261 views

InfoSec Ninjas Croissants Intrusion Detection and Prevention System (IDPS) InfoSec Ninjas Who am I? Samiux is an Information Security Enthusiast. - OSCE, OSCP, OSWP - Blogger - Linux user Hobbies : - Programming - Reading

  1. InfoSec Ninjas Croissants Intrusion Detection and Prevention System (IDPS)

  2. InfoSec Ninjas Who am I? Samiux is an Information Security Enthusiast. ● - OSCE, OSCP, OSWP ● - Blogger ● - Linux user Hobbies : ● - Programming ● - Reading ● - Pentesting

  3. InfoSec Ninjas What is Croissants? Croissants is an Intrusion Detection and Prevention System based on Suricata. ● - Developed by Samiux since 2012 ● - Open Source under GPLv3 ● - Intrusion Prevention System (IPS) ● - High Performance ● - Ultra-low Latency ● - Network based ● - Host based ● - Not Embedded Linux

  4. InfoSec Ninjas Main components : ● - Suricata ● - Hyperscan ● - Ubuntu Server

  5. InfoSec Ninjas General Features : ● - Blocks known malicious activities ● - Blocks known malware and virus ● - Easy and straight forward interfaces ● - Compatible with Bittorrent and 4K video streaming ● - Ultra-low latency for demanding online games ● - Compatible with Microsoft Windows, GNU Linux, Apple macOS, Apple iOS, Google Android ● - No subscription fee ● - Automatically update and upgrade ● - Urgent Update Push ● - Plug, Play and Forget!

  6. InfoSec Ninjas Detailed Features : ● - Emerging Threats (ET) Open Ruleset (Default, Free) ● - ET Pro Ruleset (Optional, Expense) ● - Malware Hashes Ruleset - MD5, SHA1, SHA256 ● - Malware SSL/TLS Fingerprints Ruleset - JA3 ● - Protocol Ruleset - SSH, DNS, TLS, etc ● - Malicious/Compromised IP Addresses Blacklist ● - TOR (The Onion Router) Exit Nodes Blacklist ● - Malicious URL/Domain Blacklist ● - Malicious SSL/TLS Fingerprints Blacklist ● - Bandwidth Over 10Gbps ● - Drop instead of Reject

  7. InfoSec Ninjas NON Open Source Features : ● - Not For Sale ● - Blocks Common Scanners ● e.g. nmap, masscan, Shodan, Censys, Zoomeye

  8. InfoSec Ninjas Minimum Requirements : (1) Hardware ● - Multi-Core Intel/AMD x86 CPU (at least Intel ATOM D2550) ● - 8GB DDR3 RAM or more ● - 64GB SSD or more ● - 3 Network Interface Cards/Ports (Network Based only) ● - 1 Network Interface Card/Port (Host Based only) ● - CPU with AVX2 or better (at least SSSE3) ● * Intel ATOM D2550 can handle up to 300Mbps traffic only (2) Software ● Ubuntu Server LTS (64-bit)

  9. InfoSec Ninjas Demo Open Source Interfaces (Network Based) ● glances and netdata - https://youtu.be/kVHKU32Mky8 Non Open Source Features ● Shodan - https://youtu.be/OoPS8Au2kAw ● nmap - https://youtu.be/uwcCDcdaRT4 Live Target (Online Time Is Limited) ● Croissants and Longjing (Deep Learning Driven Web Application Firewall) ● Infosec Projects - http://www.infosec-projects.com/

  10. InfoSec Ninjas Reference ● Suricata - https://suricata-ids.org/ ● Hyperscan - https://www.hyperscan.io/ ● Ubuntu - https://ubuntu.com/ ● Croissants - https://www.infosec-ninjas.com/croissants ● Freenode - #infosec-ninjas (SSL and Port 6697) ● Infosec Ninjas - https://www.infosec-ninjas.com/

  11. InfoSec Ninjas Thank you!

  12. InfoSec Ninjas Q&A

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Curve Curve Ninjas December 19, 2012 Curve Ninjas Curve Overview Using Curve Implementation

Curve Curve Ninjas December 19, 2012 Curve Ninjas Curve Overview Using Curve Implementation

Overview Using Curve Implementation Lessons Curve Curve Ninjas December 19, 2012 Curve Ninjas Curve Overview Using Curve Implementation Lessons Ninjas Shinobi Kun An John Chan David Mauskop Wisdom Omuya Zitong Wang Curve Ninjas

360 views • 17 slides
Storytelli Storytelling ng in in Infosec Infosec (Draft aft of) a Pr Practical ctical Guide

Storytelli Storytelling ng in in Infosec Infosec (Draft aft of) a Pr Practical ctical Guide

Dr. med. Christina Czeschik www.serapion.de Storytelli Storytelling ng in in Infosec Infosec (Draft aft of) a Pr Practical ctical Guide ide BalCCon 2k17 Sept 16, 2017, Novi Sad How to Make Users Behave Safely? Explain things to them?

566 views • 52 slides
InfoSec Training and Awareness Program Training & Employee InfoSec Yearly In-person

InfoSec Training and Awareness Program Training & Employee InfoSec Yearly In-person

InfoSec Training and Awareness Program Training & Employee InfoSec Yearly In-person Whitepapers, InfoSec Spear Awareness Comms Intranet Site Security Security Brochures E-mailbox Phishing Awareness Awareness Exercises

389 views • 36 slides
EXTENDS & SILENT CLASSES IN S ASS 3.2 its like ninjas in your code EXTENDS & SILENT

EXTENDS & SILENT CLASSES IN S ASS 3.2 its like ninjas in your code EXTENDS & SILENT

EXTENDS & SILENT CLASSES IN S ASS 3.2 its like ninjas in your code EXTENDS & SILENT CLASSES IN S ASS 3.2 its like ninjas in your code OOCSS FRAMEWORKS create objects to streamline application? OOCSS FRAMEWORKS attempts to

961 views • 94 slides
League of Legends: Scaling to Millions of Ninjas, Yordles,

League of Legends: Scaling to Millions of Ninjas, Yordles,

League of Legends: Scaling to Millions of Ninjas, Yordles, and Wizards Speaker Introduc=on Sco> Delap Scalability Architect, Riot Games, Inc.

1.25k views • 82 slides
Flex your Flex your InfoSec InfoSec muscles! muscles! Zuzana Bitterova Zuzana Bitterova

Flex your Flex your InfoSec InfoSec muscles! muscles! Zuzana Bitterova Zuzana Bitterova

Flex your Flex your InfoSec InfoSec muscles! muscles! Zuzana Bitterova Zuzana Bitterova This presentation is about Passion This presentation is NOT about Embracing change how to become an expert in the information security area

975 views • 49 slides
So basically same as a lot of us here: Wants to do cool InfoSec stuff, Wants to Stay out of Jail

So basically same as a lot of us here: Wants to do cool InfoSec stuff, Wants to Stay out of Jail

Changing Legal Landscape for Infosec Who I am: Elissa Shevinsky CEO of Jekudo Privacy Company @ElissaBeth and @Jekudo_Cat on Twitter Writer/Journalist Cautious Security Researcher So basically same as a lot of us here: Wants to do cool

472 views • 17 slides
HTTP/2 & InfoSec Anderson Dadario Topics HTTP Today Why HTTP/2 How it works

HTTP/2 & InfoSec Anderson Dadario Topics HTTP Today Why HTTP/2 How it works

HTTP/2 & InfoSec Anderson Dadario Topics HTTP Today Why HTTP/2 How it works What is relevant to your InfoSec job 2 HTTP Today Using HTTP 1.1 since 1997 / 1999 Connection: keep-alive Head of Line

376 views • 21 slides
Towards Efficient Verification of Population Protocols Javier Esparza Technical University of

Towards Efficient Verification of Population Protocols Javier Esparza Technical University of

Towards Efficient Verification of Population Protocols Javier Esparza Technical University of Munich Joint work with Michael Blondin, Stefan Jaax, and Philipp Meyer Deaf Black Ninjas in the Dark Deaf Black Ninjas meet at a Zen garden in

751 views • 62 slides
Stealth Secrets of the Malware Ninjas By Nick Harbour Overview Intro Background Info

Stealth Secrets of the Malware Ninjas By Nick Harbour Overview Intro Background Info

Stealth Secrets of the Malware Ninjas By Nick Harbour Overview Intro Background Info Malware Forensics and Incident Response Anti-Forensics Executables Stealth Techniques Live System Anti-Forensics Process

907 views • 76 slides
Statewide IT, InfoSec and Privacy Update S eptember 2019 Re c e nt Suc c e sse s o f Sha re d

Statewide IT, InfoSec and Privacy Update S eptember 2019 Re c e nt Suc c e sse s o f Sha re d

Statewide IT, InfoSec and Privacy Update S eptember 2019 Re c e nt Suc c e sse s o f Sha re d Se rvic e s $71,000 pe r ye ar for age nc ie s as we ll as $1.2 million in c ost avoide d by not ope r ating the DT O Pr int and Mail fac

327 views • 13 slides
Fig Leaf Security @haroonmeer - 2011 #disclaimer Who am i ? & Why this talk? A

Fig Leaf Security @haroonmeer - 2011 #disclaimer Who am i ? & Why this talk? A

Fig Leaf Security @haroonmeer - 2011 #disclaimer Who am i ? & Why this talk? A chance to meet our heroes! like Simple Nomad! thegnome: we expected thegnome: we got beard this is my rant.. The infosec industry ZA infosec

1.09k views • 64 slides
InfoSec 101 Introduction to Information Security for (non-IT) Professionals Fabian Lischka,

InfoSec 101 Introduction to Information Security for (non-IT) Professionals Fabian Lischka,

InfoSec 101 Introduction to Information Security for (non-IT) Professionals Fabian Lischka, Larry Salibra, Leonhard Weese FCC, Hong Kong, 2015-02-26 V0.97 from 2015-03-12 Content I n t r o d u c t i o n D i s c l a i m e r s

421 views • 30 slides
Cheapskate! Free and Excellent Infosec Career Resources Nathan Chan, CISSP C|EH 2019 Oct 11 1

Cheapskate! Free and Excellent Infosec Career Resources Nathan Chan, CISSP C|EH 2019 Oct 11 1

Cheapskate! Free and Excellent Infosec Career Resources Nathan Chan, CISSP C|EH 2019 Oct 11 1 / 48 Who Am I Three careers Flight Simulation both trainers and engineering Software Tester Security Worked in defense,

777 views • 48 slides
SirepRAT Windows IoT Core Abusing a Windows service for RCE About Me 7+ years in InfoSec

SirepRAT Windows IoT Core Abusing a Windows service for RCE About Me 7+ years in InfoSec

SirepRAT Windows IoT Core Abusing a Windows service for RCE About Me 7+ years in InfoSec Security Researcher @Safebreach Presented at DEFCON, DEEPSEC, Hackfest @bemikre Contents 1. Windows IoT Core 2. Live SirepRAT

967 views • 74 slides
INFOSEC: TOdayS INvISIblE baTTlESpaCE CapT JErad SaylEr, USaF Chief of Offensive Cyber

INFOSEC: TOdayS INvISIblE baTTlESpaCE CapT JErad SaylEr, USaF Chief of Offensive Cyber

INFOSEC: TOdayS INvISIblE baTTlESpaCE CapT JErad SaylEr, USaF Chief of Offensive Cyber Operations Work at HQ Air Force Space Command Grew up in Beulah, ND Commissioned 2009 from UND ROTC program Computer Science Degree from

645 views • 18 slides
DNSSEC usage sta-s-cs and some observa-ons SEE 5, Tirana Sergey Myasoedov 20.4.2016 DNSSEC

DNSSEC usage sta-s-cs and some observa-ons SEE 5, Tirana Sergey Myasoedov 20.4.2016 DNSSEC

DNSSEC usage sta-s-cs and some observa-ons SEE 5, Tirana Sergey Myasoedov 20.4.2016 DNSSEC history Defined by RFCs 4033-4035 March 2005 Root zone signed July 2010 March 2011 the biggest zone .com signed New GTLD

811 views • 32 slides
An Overview of Blockchain Technologies and Uses (Day 2) Andy Dolan Computer Science

An Overview of Blockchain Technologies and Uses (Day 2) Andy Dolan Computer Science

An Overview of Blockchain Technologies and Uses (Day 2) Andy Dolan Computer Science Department Colorado State University Last Time we Covered An Introduction to Bitcoin The Core Features: What is a Blockchain? Distributed

731 views • 33 slides
50 32 , CTO of Mail Services at

50 32 , CTO of Mail Services at

50 32 , CTO of Mail Services at Mail.ru 50 85%

1.18k views • 84 slides
PrivacyMail: Towards Transparency in Email Tracking Max Maass , Stephan Schwr, Matthias Hollick

PrivacyMail: Towards Transparency in Email Tracking Max Maass , Stephan Schwr, Matthias Hollick

PrivacyMail: Towards Transparency in Email Tracking Max Maass , Stephan Schwr, Matthias Hollick Secure Mobile Networking Lab, TU Darmstadt 31.05.2019 | Technische Universitt Darmstadt | 1 31.05.2019 | Technische Universitt Darmstadt | 1

244 views • 20 slides
Introduction to Computer Security UNIX Security Pavel Laskov Wilhelm Schickard Institute for

Introduction to Computer Security UNIX Security Pavel Laskov Wilhelm Schickard Institute for

Introduction to Computer Security UNIX Security Pavel Laskov Wilhelm Schickard Institute for Computer Science Genesis: UNIX vs. MULTICS MULTICS (Multiplexed Information and Computing Service) a high-availability, modular, multi-component

480 views • 35 slides
RISING 10,11,12 SCHEDULING PRESENTATION January 9, 2019 Phoenixville Area High School

RISING 10,11,12 SCHEDULING PRESENTATION January 9, 2019 Phoenixville Area High School

RISING 10,11,12 SCHEDULING PRESENTATION January 9, 2019 Phoenixville Area High School Principal: Dr. Parkinson Assistant Principal: Mr. Sutton Assistant Principal: Mr. Perecko Director of Student Activities & Athletics: Mr. Gionta School

504 views • 28 slides
Junior Parent Presentation February 20, 2019 Welcome Presenters: Mrs. Yvonne Sternemann

Junior Parent Presentation February 20, 2019 Welcome Presenters: Mrs. Yvonne Sternemann

Junior Parent Presentation February 20, 2019 Welcome Presenters: Mrs. Yvonne Sternemann (ysternemann@chesterufsd.org) Ms. Jenny McKenzie (jmckenzie@chesterufsd.org) Graduation Requirements 4 years of English, Social Studies and PE 3

601 views • 18 slides
The Risks Of The Digital Age by contributing author nick ioannou My Amazon Author Page can be

The Risks Of The Digital Age by contributing author nick ioannou My Amazon Author Page can be

The Risks Of The Digital Age by contributing author nick ioannou My Amazon Author Page can be found at: www.amazon.com/author/nick-ioannou Author Contributing Author Who is nick ioannou? DATA COLLECTION The Incredible Growth Of The

885 views • 67 slides

More recommend