April 15

Webinar Takeaway: No SPAN Port? No Tap? No Problem!


My key takeaways

  • Setting up security in a home network is no easy job
  • No tap port? Think ARP cache poisoning
  • Don't run it on a production network!
  • Put RITA and Bettercap on a Raspberry Pi
  • Bettercap is able to do full-duplex ARP cache poisoning
    • it has to be enabled in the config
    • you can whitelist devices as well
  • Reconfiguring the default gateway to point at the sniffing device avoids a lot of the problems but is harder to do. Using a simple device for ARP cache poisoning is almost plug-and-play.
  • All you need is one network adapter
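
An added example (not from the webinar or from the Bettercap or RITA projects) for checking the full-duplex and whitelist points above on a lab network: it reads `ip neigh` output collected from the clients and from the gateway and reports which traffic directions actually pass through the sniffing device. All addresses, MACs and function names are constructed for illustration.

```python
import re

# One `ip neigh` entry with a resolved MAC, e.g.
#   192.168.1.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
NEIGH_RE = re.compile(r"^(\S+)\s+dev\s+\S+\s+lladdr\s+([0-9A-Fa-f:]{17})\b")

def parse_neigh(text):
    """Return {ip: mac} from `ip neigh` output; unresolved (FAILED) entries are skipped."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            table[m.group(1)] = m.group(2).lower()
    return table

def coverage(client_outputs, gateway_output, gateway_ip, sensor_mac):
    """Per client, report which traffic directions are steered through the sensor."""
    sensor_mac = sensor_mac.lower()
    gw_table = parse_neigh(gateway_output)
    report = {}
    for client_ip, output in client_outputs.items():
        # Outbound: the client's cache resolves the gateway IP to the sensor.
        outbound = parse_neigh(output).get(gateway_ip) == sensor_mac
        # Inbound: the gateway's cache resolves the client IP to the sensor.
        inbound = gw_table.get(client_ip) == sensor_mac
        if outbound and inbound:
            report[client_ip] = "full-duplex"
        elif outbound:
            report[client_ip] = "outbound only"
        elif inbound:
            report[client_ip] = "inbound only"
        else:
            report[client_ip] = "not intercepted"
    return report

# Constructed lab data: sensor (Raspberry Pi) MAC, gateway IP and cache dumps.
SENSOR_MAC = "b8:27:eb:00:00:01"
GATEWAY_IP = "192.168.1.1"
CLIENTS = {
    "192.168.1.20": "192.168.1.1 dev wlan0 lladdr b8:27:eb:00:00:01 REACHABLE",
    "192.168.1.30": "192.168.1.1 dev eth0 lladdr b8:27:eb:00:00:01 STALE",
    "192.168.1.40": "192.168.1.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE",
}
GATEWAY = """192.168.1.20 dev br0 lladdr b8:27:eb:00:00:01 REACHABLE
192.168.1.30 dev br0 lladdr 3c:22:fb:00:00:30 REACHABLE
192.168.1.40 dev br0 lladdr 3c:22:fb:00:00:40 STALE
192.168.1.99 dev br0  FAILED"""

if __name__ == "__main__":
    for ip, state in coverage(CLIENTS, GATEWAY, GATEWAY_IP, SENSOR_MAC).items():
        print(ip, state)
```

A client reported as "outbound only" means the sensor sees requests but not replies, so RITA would be analysing half of each conversation; a whitelisted device should show up as "not intercepted".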



Tags

blue team, firewall, home network

