01-16-2020 ACM Webcast: How to Use a Raspberry Pi as a Network Sensor

Active Countermeasures Webcast

01-16-2020

How to Use a Raspberry Pi as a Network Sensor

How to use a Raspberry Pi as a Network Sensor!

Stealth – Size – Cost – Bang for the buck: pick any 4!

Running a network sensor, IDS, or IPS can be a costly venture; the high-end ones can cost more than a used car. In this webcast we’ll cover running a network sensor using a Raspberry Pi, a miniature single-board computer that runs most anything you can run under Linux.

Bill will show you how to install and use the Zeek IDS and cover the performance aspects you’ll need to know. Setting up IDSs that cost about the same as a bike means you can monitor far more network segments simultaneously, and hide them behind a power brick if you have to.

No previous experience with the Pi is needed – you’ll have a shopping list of what to get. You will probably want basic familiarity with running commands under Linux.

Slides & Buy List

Read the Q&A From This Webcast

Presented by: Bill Stearns

Timeline:

  • 1:51 Presentation Outline
  • 2:12 Goals of This Talk
  • 3:24 Did Someone Say Raspberry Pie?
  • 14:50 Building the System
  • 19:21 Software Setup
  • 21:06 Network Setup
  • 28:06 Additional Steps
  • 31:20 Getting Packets
  • 34:09 Monitor the Span Port
  • 45:34 What Sniffing Tools to Use
  • 46:46 This Example
  • 50:49 Why Not a Traditional PC?
  • 53:51 To Infinity…
  • 56:05 References
AI-Hunter Datasheet
AI-Hunter Personal Demo
Subscribe to Our Blog
Archives

Sign up for email notifications of our new blog posts, threat hunting training, webcasts and other relevant information.

We are not spammy and you can unsubscribe at any time :)

* indicates required