Security

• Cisco ASA Packet Capture
• Ports Used by LWAPP/CAPWAP

• Cisco SourceFire
• Snort IDS
• CheckPoint
• BroNSM
• TrendMicro Tipping Point

1) Never self incriminate
  * Never admit
  * Deny everything
  * Demand proof
  * Make counter-allegations
  * Act belligerent and throw stuff
2) No excuses
3) Don't put your dick in crazy
        3a) Don't let crazy put its dick in you
4) Don't be "**that guy**"
5) Be excellent to each other
6) Document all the things!!
  * Is it in the wiki?
  * Paper trail or it didn't happen, CC everyone or you didn't do it.
  * If it isn't in an email, or ticket, it never happened.
7) Always trust your wingman

1. Trust me, the community isn't the best, but it's better than nothing.
   • https://community.bit9.com/login.jspa?referer=%252Findex.jspa
2. Quick Guide to Carbon Black

1. kbkippoinstalonamazon.pdf
2. http://how-to.linuxcareer.com/deployment-of-kippo-ssh-honeypot-on-ubuntu-linux
3. http://bruteforce.gr/kippo-reveals-itself-with-w-and-uptime-commands.html

• HPE ArcSight
• LogRhythm
• IBM QRadar
• McAfee Nitro