CDMCS
Cyber Defence Monitoring Course Suite :: Suricata, Bro, Moloch
- moving to https://github.com/ccdcoe/CDMCS
Cyber Defence Monitoring Course Suite (CDMCS)

This material has been designed to be taught in a classroom environment.
The material is missing some of the contextual concepts and ideas that will be covered in class.
This is 3 x ( .5 + 3 + .5 ) days of material for any intermediate-level dev-ops engineer who has some experience with other security or monitoring tools and wants to learn Suricata, Bro and Moloch. We believe these classes are perfect for anyone who wants a jump start in learning Suricata, Bro and Moloch, or who wants a more thorough understanding of the three and their internals.
Minimal Qualified Student
TODO ....
Before You Come To Class
Please visit:
- http://suricata-ids.org/
- https://www.bro.org/
- https://github.com/aol/moloch
Historical material:
- vagrant multi-machine: Moloch, Bro, Suricata, ElasticSearch, Kibana
- Getting started with Network Forensics
Go to the material
. | Suricata | Bro | Moloch
--- | --- | --- | ---
day 0 :: intro | * | * | *
day 1 :: single box | * | * | *
day 2 :: cluster | * | * | *
day 3 :: advanced | * | * | *
day +1 :: wrapup | * | * | *
Current Classes
- Suricata :: Rule-based Threat Detection Course
- Bro :: Semantic Network Security Monitoring Course
- Moloch :: Large-Scale Packet Capture Analysis Course
Teachers
Thanks
