Suricata and the Shark: suriwire · Suricata and the Shark: suriwire É. Leblond Stamus Networks...

Preview:

Click to see full reader

Citation preview

Suricata and the Shark: suriwire

É. Leblond

Stamus Networks

July. 03, 2018

É. Leblond (Stamus Networks) Suricata and the Shark: suriwire July. 03, 2018 1 / 7

Get the mascot

Available on Amazon: https://www.amazon.co.uk/Vivid-Arts-Meerkat-Shark-Onesie/dp/B01MAYA3A1

For only 19.99 brexit coins1

1Worth 76745.63 Columbian PesoÉ. Leblond (Stamus Networks) Suricata and the Shark: suriwire July. 03, 2018 2 / 7

https://www.amazon.co.uk/Vivid-Arts-Meerkat-Shark-Onesie/dp/B01MAYA3A1
https://www.amazon.co.uk/Vivid-Arts-Meerkat-Shark-Onesie/dp/B01MAYA3A1

Get Suricata information in Wireshark

É. Leblond (Stamus Networks) Suricata and the Shark: suriwire July. 03, 2018 3 / 7

Also get extracted metadata

É. Leblond (Stamus Networks) Suricata and the Shark: suriwire July. 03, 2018 4 / 7

Filter is working

É. Leblond (Stamus Networks) Suricata and the Shark: suriwire July. 03, 2018 5 / 7

How it works

Wireshark plugin written in LuaLoad JSON file generated by Suricata (viaTools->Suricata->Activate)Add a new top domain protocol named suricata

É. Leblond (Stamus Networks) Suricata and the Shark: suriwire July. 03, 2018 6 / 7

Questions ?

Thanks toanonymous NSA agentWireshark teamOISF and Suricata team

Contact meel@stamus-networks.comTwitter: @regiteric

Get it, use ithttps://github.com/regit/suriwire

É. Leblond (Stamus Networks) Suricata and the Shark: suriwire July. 03, 2018 7 / 7

https://github.com/regit/suriwire
https://github.com/regit/suriwire

Recommended

Suricata and XDP, Performance with a S like Security · Kernel ask userspace for decision on packets É. Leblond (OISF) Suricata and XDP Nov. 29, 20189/43. 1 Introduction Suricata
Documents
State of Suricata - inliniac.net · 10 years of Suricata Name “Suricata” came from the suggestion of using the Meerkat as mascot Latin Genus name: “Suricata” Late July 2009
Documents
Turris Omnia a Suricata - nic.cz · Turris Omnia a Suricata Když iptables nestačí Michal Hrušecký Michal.Hrusecky@nic.cz
Documents
Suricata Update DocumentationSuricata Update Documentation, Release 1.2.0dev0 suricata-update 1.6List Enabled Sources suricata-updatelist-enabled-sources 1.7Disable a Source suricata-update
Documents
Meerkat (Suricata suricatta)
Art & Photos
Suricata - workshop.netfilter.org · Suricata Éric Leblond / Victor Julien OISF March 12, 2013 Éric Leblond / Victor Julien (OISF) Suricata March 12, 2013 1 / 41
Documents
Suricata IDS/IPS - Vereniging NLUUG · Suricata creator and lead dev ... – Suricata – ELK stack ... – e.g. various ELK parts from the official ELK images
Documents
Office suite and firewall - Netfilter · Office suite and firewall É. Leblond Stamus Networks 2016 June 27 É. Leblond (Stamus Networks) Office suite and firewall 2016 June 27
Documents
PRESENTAZIONE STAGES FORMATIVI PRESSO SOCIETA' SURICATA
Documents
Advances in Suricata - DeepSec · 2012-02-02 · Advances in Suricata ... Suricata can efficiently load them all and match with low overhead. Advanced HTTP inspection and logging
Documents
Bro Befriends Suricata - zeek.org · Bro Befriends Suricata 23/09/16 20:23 Page 1 of 47 BRO BEFRIENDS SURICATA SURICATA AND BRO FIGHTING MALWARE TOGETHER
Documents
Virtualizing Suricata* IPS Using Hyperscan Pattern Matching · Suricata* Overview Suricata is an open source-based intrusion detection system (IDS), intrusion prevention system (IPS),
Documents
Suricata - Suricata.yaml Reference
Documents
Suricata User Guide
Documents
Bro Befriends Suricata · Bro Befriends Suricata 23/09/16 20:23 Page 2 of 47
Documents
Paper Suricata (1)
Documents
Suricata: détection d'intrusion réseau - eole.ac-dijon.freole.ac-dijon.fr/presentations/2016 juin/ 2016-06-15-Suricata–IDS... · Points clés de Suricata Suricata Analyse pro-tocolaire
Documents
Software IDS Dan IPS Suricata
Documents
FIAT7IFTA @ dubai 2013 SURICATA PAPER
Entertainment & Humor
Suricata and eBPF
Documents