infosec ninjas
play

InfoSec Ninjas Croissants Intrusion Detection and Prevention System - PowerPoint PPT Presentation

Mar 08, 2024 •140 likes •261 views

InfoSec Ninjas Croissants Intrusion Detection and Prevention System (IDPS) InfoSec Ninjas Who am I? Samiux is an Information Security Enthusiast. - OSCE, OSCP, OSWP - Blogger - Linux user Hobbies : - Programming - Reading

  1. InfoSec Ninjas Croissants Intrusion Detection and Prevention System (IDPS)

  2. InfoSec Ninjas Who am I? Samiux is an Information Security Enthusiast. ● - OSCE, OSCP, OSWP ● - Blogger ● - Linux user Hobbies : ● - Programming ● - Reading ● - Pentesting

  3. InfoSec Ninjas What is Croissants? Croissants is an Intrusion Detection and Prevention System based on Suricata. ● - Developed by Samiux since 2012 ● - Open Source under GPLv3 ● - Intrusion Prevention System (IPS) ● - High Performance ● - Ultra-low Latency ● - Network based ● - Host based ● - Not Embedded Linux

  4. InfoSec Ninjas Main components : ● - Suricata ● - Hyperscan ● - Ubuntu Server

  5. InfoSec Ninjas General Features : ● - Blocks known malicious activities ● - Blocks known malware and virus ● - Easy and straight forward interfaces ● - Compatible with Bittorrent and 4K video streaming ● - Ultra-low latency for demanding online games ● - Compatible with Microsoft Windows, GNU Linux, Apple macOS, Apple iOS, Google Android ● - No subscription fee ● - Automatically update and upgrade ● - Urgent Update Push ● - Plug, Play and Forget!

  6. InfoSec Ninjas Detailed Features : ● - Emerging Threats (ET) Open Ruleset (Default, Free) ● - ET Pro Ruleset (Optional, Expense) ● - Malware Hashes Ruleset - MD5, SHA1, SHA256 ● - Malware SSL/TLS Fingerprints Ruleset - JA3 ● - Protocol Ruleset - SSH, DNS, TLS, etc ● - Malicious/Compromised IP Addresses Blacklist ● - TOR (The Onion Router) Exit Nodes Blacklist ● - Malicious URL/Domain Blacklist ● - Malicious SSL/TLS Fingerprints Blacklist ● - Bandwidth Over 10Gbps ● - Drop instead of Reject

  7. InfoSec Ninjas NON Open Source Features : ● - Not For Sale ● - Blocks Common Scanners ● e.g. nmap, masscan, Shodan, Censys, Zoomeye

  8. InfoSec Ninjas Minimum Requirements : (1) Hardware ● - Multi-Core Intel/AMD x86 CPU (at least Intel ATOM D2550) ● - 8GB DDR3 RAM or more ● - 64GB SSD or more ● - 3 Network Interface Cards/Ports (Network Based only) ● - 1 Network Interface Card/Port (Host Based only) ● - CPU with AVX2 or better (at least SSSE3) ● * Intel ATOM D2550 can handle up to 300Mbps traffic only (2) Software ● Ubuntu Server LTS (64-bit)

  9. InfoSec Ninjas Demo Open Source Interfaces (Network Based) ● glances and netdata - https://youtu.be/kVHKU32Mky8 Non Open Source Features ● Shodan - https://youtu.be/OoPS8Au2kAw ● nmap - https://youtu.be/uwcCDcdaRT4 Live Target (Online Time Is Limited) ● Croissants and Longjing (Deep Learning Driven Web Application Firewall) ● Infosec Projects - http://www.infosec-projects.com/

  10. InfoSec Ninjas Reference ● Suricata - https://suricata-ids.org/ ● Hyperscan - https://www.hyperscan.io/ ● Ubuntu - https://ubuntu.com/ ● Croissants - https://www.infosec-ninjas.com/croissants ● Freenode - #infosec-ninjas (SSL and Port 6697) ● Infosec Ninjas - https://www.infosec-ninjas.com/

  11. InfoSec Ninjas Thank you!

  12. InfoSec Ninjas Q&A

Recommend

Curve Curve Ninjas December 19, 2012 Curve Ninjas Curve Overview Using Curve Implementation

Curve Curve Ninjas December 19, 2012 Curve Ninjas Curve Overview Using Curve Implementation

Overview Using Curve Implementation Lessons Curve Curve Ninjas December 19, 2012 Curve Ninjas Curve Overview Using Curve Implementation Lessons Ninjas Shinobi Kun An John Chan David Mauskop Wisdom Omuya Zitong Wang Curve Ninjas

360 views • 17 slides
Storytelli Storytelling ng in in Infosec Infosec (Draft aft of) a Pr Practical ctical Guide

Storytelli Storytelling ng in in Infosec Infosec (Draft aft of) a Pr Practical ctical Guide

Dr. med. Christina Czeschik www.serapion.de Storytelli Storytelling ng in in Infosec Infosec (Draft aft of) a Pr Practical ctical Guide ide BalCCon 2k17 Sept 16, 2017, Novi Sad How to Make Users Behave Safely? Explain things to them?

566 views • 52 slides
InfoSec Training and Awareness Program Training & Employee InfoSec Yearly In-person

InfoSec Training and Awareness Program Training & Employee InfoSec Yearly In-person

InfoSec Training and Awareness Program Training & Employee InfoSec Yearly In-person Whitepapers, InfoSec Spear Awareness Comms Intranet Site Security Security Brochures E-mailbox Phishing Awareness Awareness Exercises

389 views • 36 slides
EXTENDS & SILENT CLASSES IN S ASS 3.2 its like ninjas in your code EXTENDS & SILENT

EXTENDS & SILENT CLASSES IN S ASS 3.2 its like ninjas in your code EXTENDS & SILENT

EXTENDS & SILENT CLASSES IN S ASS 3.2 its like ninjas in your code EXTENDS & SILENT CLASSES IN S ASS 3.2 its like ninjas in your code OOCSS FRAMEWORKS create objects to streamline application? OOCSS FRAMEWORKS attempts to

961 views • 94 slides
League of Legends: Scaling to Millions of Ninjas, Yordles,

League of Legends: Scaling to Millions of Ninjas, Yordles,

League of Legends: Scaling to Millions of Ninjas, Yordles, and Wizards Speaker Introduc=on Sco> Delap Scalability Architect, Riot Games, Inc.

1.25k views • 82 slides
Flex your Flex your InfoSec InfoSec muscles! muscles! Zuzana Bitterova Zuzana Bitterova

Flex your Flex your InfoSec InfoSec muscles! muscles! Zuzana Bitterova Zuzana Bitterova

Flex your Flex your InfoSec InfoSec muscles! muscles! Zuzana Bitterova Zuzana Bitterova This presentation is about Passion This presentation is NOT about Embracing change how to become an expert in the information security area

975 views • 49 slides
So basically same as a lot of us here: Wants to do cool InfoSec stuff, Wants to Stay out of Jail

So basically same as a lot of us here: Wants to do cool InfoSec stuff, Wants to Stay out of Jail

Changing Legal Landscape for Infosec Who I am: Elissa Shevinsky CEO of Jekudo Privacy Company @ElissaBeth and @Jekudo_Cat on Twitter Writer/Journalist Cautious Security Researcher So basically same as a lot of us here: Wants to do cool

472 views • 17 slides
HTTP/2 & InfoSec Anderson Dadario Topics HTTP Today Why HTTP/2 How it works

HTTP/2 & InfoSec Anderson Dadario Topics HTTP Today Why HTTP/2 How it works

HTTP/2 & InfoSec Anderson Dadario Topics HTTP Today Why HTTP/2 How it works What is relevant to your InfoSec job 2 HTTP Today Using HTTP 1.1 since 1997 / 1999 Connection: keep-alive Head of Line

376 views • 21 slides
Towards Efficient Verification of Population Protocols Javier Esparza Technical University of

Towards Efficient Verification of Population Protocols Javier Esparza Technical University of

Towards Efficient Verification of Population Protocols Javier Esparza Technical University of Munich Joint work with Michael Blondin, Stefan Jaax, and Philipp Meyer Deaf Black Ninjas in the Dark Deaf Black Ninjas meet at a Zen garden in

751 views • 62 slides
Stealth Secrets of the Malware Ninjas By Nick Harbour Overview Intro Background Info

Stealth Secrets of the Malware Ninjas By Nick Harbour Overview Intro Background Info

Stealth Secrets of the Malware Ninjas By Nick Harbour Overview Intro Background Info Malware Forensics and Incident Response Anti-Forensics Executables Stealth Techniques Live System Anti-Forensics Process

907 views • 76 slides
Statewide IT, InfoSec and Privacy Update S eptember 2019 Re c e nt Suc c e sse s o f Sha re d

Statewide IT, InfoSec and Privacy Update S eptember 2019 Re c e nt Suc c e sse s o f Sha re d

Statewide IT, InfoSec and Privacy Update S eptember 2019 Re c e nt Suc c e sse s o f Sha re d Se rvic e s $71,000 pe r ye ar for age nc ie s as we ll as $1.2 million in c ost avoide d by not ope r ating the DT O Pr int and Mail fac

327 views • 13 slides
Fig Leaf Security @haroonmeer - 2011 #disclaimer Who am i ? & Why this talk? A

Fig Leaf Security @haroonmeer - 2011 #disclaimer Who am i ? & Why this talk? A

Fig Leaf Security @haroonmeer - 2011 #disclaimer Who am i ? & Why this talk? A chance to meet our heroes! like Simple Nomad! thegnome: we expected thegnome: we got beard this is my rant.. The infosec industry ZA infosec

1.09k views • 64 slides
InfoSec 101 Introduction to Information Security for (non-IT) Professionals Fabian Lischka,

InfoSec 101 Introduction to Information Security for (non-IT) Professionals Fabian Lischka,

InfoSec 101 Introduction to Information Security for (non-IT) Professionals Fabian Lischka, Larry Salibra, Leonhard Weese FCC, Hong Kong, 2015-02-26 V0.97 from 2015-03-12 Content I n t r o d u c t i o n D i s c l a i m e r s

421 views • 30 slides
Cheapskate! Free and Excellent Infosec Career Resources Nathan Chan, CISSP C|EH 2019 Oct 11 1

Cheapskate! Free and Excellent Infosec Career Resources Nathan Chan, CISSP C|EH 2019 Oct 11 1

Cheapskate! Free and Excellent Infosec Career Resources Nathan Chan, CISSP C|EH 2019 Oct 11 1 / 48 Who Am I Three careers Flight Simulation both trainers and engineering Software Tester Security Worked in defense,

777 views • 48 slides
SirepRAT Windows IoT Core Abusing a Windows service for RCE About Me 7+ years in InfoSec

SirepRAT Windows IoT Core Abusing a Windows service for RCE About Me 7+ years in InfoSec

SirepRAT Windows IoT Core Abusing a Windows service for RCE About Me 7+ years in InfoSec Security Researcher @Safebreach Presented at DEFCON, DEEPSEC, Hackfest @bemikre Contents 1. Windows IoT Core 2. Live SirepRAT

967 views • 74 slides
INFOSEC: TOdayS INvISIblE baTTlESpaCE CapT JErad SaylEr, USaF Chief of Offensive Cyber

INFOSEC: TOdayS INvISIblE baTTlESpaCE CapT JErad SaylEr, USaF Chief of Offensive Cyber

INFOSEC: TOdayS INvISIblE baTTlESpaCE CapT JErad SaylEr, USaF Chief of Offensive Cyber Operations Work at HQ Air Force Space Command Grew up in Beulah, ND Commissioned 2009 from UND ROTC program Computer Science Degree from

645 views • 18 slides
Reversing P25 Radio Scanners Let's beat a dead horse. Super Quick Presentation Founder of

Reversing P25 Radio Scanners Let's beat a dead horse. Super Quick Presentation Founder of

Reversing P25 Radio Scanners Let's beat a dead horse. Super Quick Presentation Founder of an obscurely named infosec company (see footer) founded at the end of 2011 infosec dev, pentests president, lead coder, chief janitor

405 views • 37 slides
A Recareering Framework @fuzzing_panda A Recareering Framework 1. Framework a. Recon b.

A Recareering Framework @fuzzing_panda A Recareering Framework 1. Framework a. Recon b.

A Recareering Framework @fuzzing_panda A Recareering Framework 1. Framework a. Recon b. Vulnerability Analysis c. Exploitation 2. Life Hack 3. A word to the wise history | grep -v infosec history | grep -v infosec How did I recareer into

697 views • 21 slides
Smart Grid IoT Security Kwaku Sarpong Manu About Me Computer Engineer Novice InfoSec researcher

Smart Grid IoT Security Kwaku Sarpong Manu About Me Computer Engineer Novice InfoSec researcher

Smart Grid IoT Security Kwaku Sarpong Manu About Me Computer Engineer Novice InfoSec researcher Signals Intelligence Cyanide and Happiness junkie Twitter: @_kwaku__ Electricity, Water and Gas What is Smart Grid IoT? Internet of things

764 views • 21 slides
iPanSec.com SOAPA Dashboard Smart InfoSec Automation Zero Trust Assurance Suite SOAPA

iPanSec.com SOAPA Dashboard Smart InfoSec Automation Zero Trust Assurance Suite SOAPA

iPanSec.com SOAPA Dashboard Smart InfoSec Automation Zero Trust Assurance Suite SOAPA Dashboard Integrated with Network Layer (PacketX , UPAS) Field WiFi /BLE /ZigBee Layer (ArcRan iSecMaster) Endpoint Layer (Comodo)

549 views • 13 slides
. IoT or Internet of {Things,Threats} Thomas (@nyx__o) Malware Researcher at ESET CTF lover

. IoT or Internet of {Things,Threats} Thomas (@nyx__o) Malware Researcher at ESET CTF lover

. IoT or Internet of {Things,Threats} Thomas (@nyx__o) Malware Researcher at ESET CTF lover Open source contributor Olivier (@obilodeau) Malware Researcher at ESET Infosec lecturer at ETS University in Montreal Previously infosec

1.25k views • 104 slides
InfoSec Cinema Rogue One: a Star Wars Story 26 th of April 2018 WELCOME! Important No fire

InfoSec Cinema Rogue One: a Star Wars Story 26 th of April 2018 WELCOME! Important No fire

InfoSec Cinema Rogue One: a Star Wars Story 26 th of April 2018 WELCOME! Important No fire alarms planned today Description of the activity Short description of the activity (this) Movie Screening Discussion Purpose of the

500 views • 33 slides
RFID Hacking Live Free or RFID Hard 24 Mar 2015 InfoSec World 2015 Orlando, FL Presen

RFID Hacking Live Free or RFID Hard 24 Mar 2015 InfoSec World 2015 Orlando, FL Presen

RFID Hacking Live Free or RFID Hard 24 Mar 2015 InfoSec World 2015 Orlando, FL Presen sented ed b by: Francis Brown & Rob Ragan Bishop Fox www.bishopfox.com Agenda O V E R V I E W Qu Quic ick k Over erview ew

853 views • 57 slides
Infosec & counter-surveillance writing what powerful people don't want written means you have

Infosec & counter-surveillance writing what powerful people don't want written means you have

Infosec & counter-surveillance writing what powerful people don't want written means you have something to hide Arjen Kamphuis arjen@gendo.ch Have you been using: Have you been using: e-mail e-mail video or voice chat video or voice

511 views • 50 slides

More recommend