Posts

Showing posts from October, 2016

Beginner’s guide: OSSIM Part 2

Image
Hope all of you are keeping well. Thank you all for the overwhelming support you people are giving me. So today we’ll deal with everything from basic OSSIM configuration to integrating different types of assets. Before we jump in to all of that I hope all of you are ready with installation. If not please visit my previous post, which is actually the first part. Beginner’s guide: OSSIM (Open Source Security Information Management) part 1 Make sure you have an active internet connection for your OSSIM. As you all know the Alienvault platform has five modules in it, which are the Asset discovery, vulnerability assessment, threat detection, behavioural monitoring and security intelligence. In simple words we add assets first, and then we’ll configure all those assets under each and every module of Alienvault respectively. If you're ready with everything mentioned in part 1, we can now move forward with the configurations. Here we’re just considering only OSSIM not USM....

Jumpstart your Wireshark skills

Image
Wireshark essential tutorial What we are going to do? In this post, we will start learning Wireshark from the scratch. I’ll show the menus, filters and many other options. Most of the people know about Wirehsark, but they don’t want to try it, because they simply don’t know how to write filters. My key focus will be on creating filter, not writing filters. Yes it is true, that you can make filters without learning those filter parameters. On simple words, you can use Wireshark without touching the keyboard. Those who have kali linux, they have it in Kalilinux. I’ll be using wireshark 32 bit version. I’ll concentrate on HTTP traffic throughout the tutorial. So let’s start with little bit of theory