security_wiki:main

Differences

This shows you the differences between two versions of the page.

security_wiki:main [2015/12/30 17:05]
mikeofmany adding CB
security_wiki:main [2019/05/25 23:50] (current)
Line 1: Line 1:
 ====== Security ====== ====== Security ======
 {{ :security_wiki:security.jpeg?nolink&150|}} {{ :security_wiki:security.jpeg?nolink&150|}}
-==== Firewalls ====+ 
 +===== Firewalls =====
   * [[ Cisco ASA Packet Capture ]]   * [[ Cisco ASA Packet Capture ]]
   * [[ Ports Used by LWAPP/CAPWAP ]]   * [[ Ports Used by LWAPP/CAPWAP ]]
  
-==== IDS/IPS ==== +---- 
-  * Qradar + 
-  * ArcSite+===== IDS/IPS ===== 
 +  * Cisco SourceFire
   * Snort IDS   * Snort IDS
   * CheckPoint   * CheckPoint
   * BroNSM   * BroNSM
-==== The Rules of Network Security ==== +  * TrendMicro Tipping Point 
-  Never self incriminate+ 
 +---- 
 + 
 +===== The Rules of Network Security ===== 
 +  1) Never self incriminate
     * Never admit     * Never admit
     * Deny everything     * Deny everything
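Review bot: The rules list now opens with a hand-typed "1) Never self incriminate" on a line indented by two spaces, which is not DokuWiki list syntax. DokuWiki treats a line indented by two or more spaces that does not start with "*" or "-" as preformatted text, so the rule will not render as a list item and the "Never admit" / "Deny everything" sub-bullets lose their parent. Use the ordered-list marker the Carbon Black section on this page already uses (two spaces, then "- ") and let the wiki number the items. On the IDS/IPS side, "Cisco SourceFire" and "TrendMicro Tipping Point" are added as plain text while the Firewalls entries are [[ ]] links; if pages are planned for them, link them now so the missing pages show up as wanted.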
Line 18: Line 24:
     * Make counter-allegations     * Make counter-allegations
     * Act belligerent and throw stuff     * Act belligerent and throw stuff
-  No excuses +  2) No excuses 
-  Don't put your dick in crazy +  3) Don't put your dick in crazy 
-    * **Alternate:** Don't let crazy put its dick in you +          3a) Don't let crazy put its dick in you 
-  Don't be "**that guy**" +  4) Don't be "**that guy**" 
-  Be excellent to each other +  5) Be excellent to each other 
-  Document all the things!!+  6) Document all the things!!
     * Is it in the wiki?     * Is it in the wiki?
     * Paper trail or it didn't happen, CC everyone or you didn't do it.     * Paper trail or it didn't happen, CC everyone or you didn't do it.
     * If it isn't in an email, or ticket, it never happened.     * If it isn't in an email, or ticket, it never happened.
-  Always trust your wingman+  7) Always trust your wingman
  
-===Carbon Black===+---- 
 + 
 +===== Carbon Black =====
   - Trust me, the community isn't the best, but it's better than nothing.   - Trust me, the community isn't the best, but it's better than nothing.
     * https://community.bit9.com/login.jspa?referer=%252Findex.jspa     * https://community.bit9.com/login.jspa?referer=%252Findex.jspa
   - [[ Quick Guide to Carbon Black ]]   - [[ Quick Guide to Carbon Black ]]
 +
 +----
 +
 +===== Kippo HoneyPot =====
 +  - {{ security_wiki:kbkippoinstalonamazon.pdf }}
 +  - http://how-to.linuxcareer.com/deployment-of-kippo-ssh-honeypot-on-ubuntu-linux
 +  - http://bruteforce.gr/kippo-reveals-itself-with-w-and-uptime-commands.html 
 +
 +----
 +
 +==== SIEMs ====
 +  * [[ HPE ArcSight ]]
 +  * [[ LogRhythm ]]
 +  * IBM QRadar
 +  * McAfee Nitro
 +
 +----
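Review bot: The new "==== SIEMs ====" heading is one level lower than every other section in this revision, which were all moved to "=====", so SIEMs will nest under "Kippo HoneyPot" in the table of contents; change it to "===== SIEMs =====". The same hand-numbering problem applies to rules 2) through 7) and the deeper-indented "3a)" line, which should be ordered-list items rather than typed numbers. The two external Kippo references are plain http:// links; switch them to https:// if the sites serve it. The second link's title says Kippo reveals itself with the w and uptime commands, so a one-line note beside it that the honeypot can be fingerprinted would help whoever deploys from this page. The unchanged Carbon Black entry points at a login.jspa URL with a double-encoded referer parameter (%252F); linking to the community site root would be cleaner.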
  • security_wiki/main.1451513121.txt.gz
  • Last modified: 2019/05/25 23:50
  • (external edit)