  • A security event pipeline using Bro, Kafka, and FreeBSD Jails

    With the help of the Bro Kafka plug-in, we’ll configure Bro to stream JSON-formatted logs through Kafka and use Python to subscribe and print events from the stream. This tutorial uses FreeBSD 11.1-RELEASE, but can easily be adapted to Linux installations. How do you monitor events from multiple Bro sensors throughout a network? Do you…

  • Bro on FreeBSD Using Netmap

    NETMAP is a framework for very fast packet I/O from userspace with support for FreeBSD, Linux, and even Windows. Here, we’ll show how to set Bro up to use it. Bro provides support for monitoring interfaces using netmap. However, as of FreeBSD 11.1 (bro-2.5.1) the binary package doesn’t ship with the needed netmap plugin. Furthermore,…

  • Install Bro on pfSense

    I’ve been working with Bro a lot lately and thought it’d be worth trying to get Bro running on pfSense. In an ideal situation, you wouldn’t normally run an IDS on your firewall, but for low-bandwidth installations or the budget-constrained, it’ll work fine. 1. You’ll need to enable SSH access to your pfSense…

  • Using zxfer to backup ZFS pools

    I was recently looking for an easy way to back up some FreeBSD jails I have running various services. With the jails residing on top of ZFS (using iocage), a quick Google search turned up the usual zfs ‘send’ and ‘receive’ mixed with miscellaneous pipes and redirection. Having written several backup scripts in the past, they…

  • MAAS Custom Partitioning

    Currently, MAAS doesn’t support custom partitioning through the MAAS dashboard for CentOS. However, you can utilize curtin to perform this task for you. Here’s an example /etc/maas/preseeds/curtin_userdata_centos assuming /dev/vda is your disk:

  • Starting out in IT

    I recently received an email from a family friend asking what courses or certifications he should look into for getting started in IT. Without knowing what particularly interests him about IT, I wrote the following email and decided it might be useful for others just starting out. TL;DR: Learn Linux, a scripting language of some…