====== Security ======

{{ :security_wiki:security.jpeg?nolink&150|}}

===== Firewalls =====

  * [[ Cisco ASA Packet Capture ]]
  * [[ Ports Used by LWAPP/CAPWAP ]]

----

===== IDS/IPS =====

  * Cisco SourceFire
  * Snort IDS
  * CheckPoint
  * BroNSM
  * TrendMicro Tipping Point

----

===== The Rules of Network Security =====

1) Never self incriminate
  * Never admit
  * Deny everything
  * Demand proof
  * Make counter-allegations
  * Act belligerent and throw stuff

2) No excuses

3) Don't put your dick in crazy

3a) Don't let crazy put its dick in you

4) Don't be "**that guy**"

5) Be excellent to each other

6) Document all the things!!
  * Is it in the wiki?
  * Paper trail or it didn't happen, CC everyone or you didn't do it.
  * If it isn't in an email, or ticket, it never happened.

7) Always trust your wingman

----

===== Carbon Black =====

  - Trust me, the community isn't the best, but it's better than nothing.
    * https://community.bit9.com/login.jspa?referer=%252Findex.jspa
  - [[ Quick Guide to Carbon Black ]]

----

===== Kippo HoneyPot =====

  - {{ security_wiki:kbkippoinstalonamazon.pdf }}
  - http://how-to.linuxcareer.com/deployment-of-kippo-ssh-honeypot-on-ubuntu-linux
  - http://bruteforce.gr/kippo-reveals-itself-with-w-and-uptime-commands.html

----

===== SIEMs =====

  * [[ HPE ArcSight ]]
  * [[ LogRhythm ]]
  * IBM QRadar
  * McAfee Nitro

----