SHANER.LIFE

Month: January 2018

  • Bhyve pfSense 2.4 no console menu

    I ran into an annoying issue today while trying to install pfsense 2.4.2 in a bhyve VM using the ISO installer. Everything went swimmingly until post-install when pfsense finished startup and never provided the expected pfSense console. All it would show is bootup complete. I went through and confirmed /etc/ttys was configured properly and added…

  • A security event pipeline using Bro, Kafka, and FreeBSD Jails

    With the help of the Bro Kafka plug-in, we’ll configure Bro to stream JSON-formatted logs through Kafka and use python to subscribe and print events from the stream. This tutorial uses FreeBSD 11.1-RELEASE. But can easily be adapted to Linux installations. How do you monitor events from multiple Bro sensors throughout a network? Do you…

  • Bro on FreeBSD Using Netmap

    NETMAP is a framework for very fast packet I/O from userspace with support for FreeBSD, Linux, and even Windows. Here, we’ll show how to set Bro up to use it. Bro provides support for monitoring interfaces using netmap. However, as of FreeBSD 11.1 (bro-2.5.1) the binary package doesn’t ship with the needed netmap plugin. Furthermore,…