CDMCS
Cyber Defence Monitoring Course Suite :: Suricata, Bro, Moloch
- moving to https://github.com/ccdcoe/CDMCS
Cyber Defence Monitoring Course Suite (CDMCS)

This material has been designed to be taught in a classroom environment.
The material is missing some of the contextual concepts and ideas that will be covered in class.
This is 3 x ( .5 + 3 + .5 ) days of material for any intermediate-level dev-ops engineer who has some experience with other security or monitoring tools and wants to learn Suricata, Bro and Moloch. We believe these classes are perfect for anyone who wants a jump start in learning Suricata, Bro and Moloch, or who wants a more thorough understanding of the three tools and their internals.
Minimal Qualified Student
TODO ....
Before You Come To Class
Please visit:
- http://suricata-ids.org/
- https://www.bro.org/
- https://github.com/aol/moloch
Historical material:
- vagrant multi-machine: Moloch, Bro, Suricata, ElasticSearch, Kibana
- Getting started with Network Forensics
Go to the material
| | Suricata | Bro | Moloch |
|---|---|---|---|
| day 0 :: intro | * | * | * |
| day 1 :: single box | * | * | * |
| day 2 :: cluster | * | * | * |
| day 3 :: advanced | * | * | * |
| day +1 :: wrapup | * | * | * |
Current Classes
- Suricata :: Rule-based Threat Detection Course
- Bro :: Semantic Network Security Monitoring Course
- Moloch :: Large-Scale Packet Capture Analysis Course