• Threat Hunting with Bro IDS

    This post is a quick look at how I personally use Bro IDS for threat hunting, specifically some of the queries I run when I start a hunt, by data set. A quick note on Bro: Bro IDS is a pretty amazing piece of software for threat hunting and my go-to tool of choice.

  • How to Install Bro IDS 2.5 on Ubuntu 16.0x

    I decided to write out the steps I took for installing Bro IDS 2.5 on Ubuntu 16.0x. Before we begin installing Bro from source, we need to make sure we have all the correct dependencies. On Ubuntu 16.0x you can run the following: sudo apt-get install cmake make gcc g++ flex git bison libpcap-dev