BHIS | No SPAN Port? No Tap? No Problem! – John Strand
Recorded • 2021-04-15
Join the BHIS Community Discord: https://discord.gg/bhis
00:00 – FEATURE PRESENTATION: No SPAN Port? No Tap? No Problem!
06:00 – Mental Blocks
10:52 – Solution to Mental Blocks
16:26 – ARP Cache Poisoning
33:26 – Step One: Ubuntu
34:36 – Step Two: RITA/Zeek/Mongo
36:45 – Step Three: Install Bettercap
38:09 – Step Four: Start Bettercap
39:52 – Step Five: Advanced – arp-spoof
45:46 – Success!
47:08 – RITA: Import & Analyze
49:42 – RITA: Beacons
52:35 – What Now?
58:29 – QnA
[Post]Show Job Hunting – https://youtu.be/sPoMPaWPP6o
PreShow Banter™ — COMING SOON
Check out our training courses at
https://wildwesthackinfest.com/training/
Music by Beau Bullock:
https://www.nobandwidth.io
We’ve been having a problem with people that want to play with Security Onion or RITA at home. If a home router does not have a mirror port it can be difficult to try cool/free network monitoring tools.
Sure, one could buy another router that has those features. But it is far easier to not do that. So, people don’t. Time goes on and they never get to play with the free enterprise-level cool tools at work or at home.
However, there are a couple of ways to set up full network monitoring at home. No taps, no mirrored ports, no expensive/obscure devices to buy.
In fact, the more basic and crappy the wireless router/switch is, the better these techniques work.
So, in this Black Hills Information Security (BHIS) webcast, we will give you a super easy and hacky way to get open-source enterprise network monitoring up and running at home in no time flat.
Engage with John and your fellow attendees during the live webcast session on the BLACK HILLS INFOSEC Discord server: https://discord.com/invite/bhis
by Black Hills Information Security
linux dhcp server
