Logan Lembke// Here at BHIS, we ♥ Bro IDS. Imagine… Bro IDS Everywhere! If you haven’t encountered Bro IDS before, checkout this webcast on John’s Youtube channel discussing the need for Bro IDS and what it can offer your local blue team. Readying Your Weapons: Installing Bro IDS Bro IDS requires a UNIX like operating system such […]
David Fletcher// My wife and I recently purchased a 2016 Ford Flex to replace an aging version of the same make and model that met an untimely fate. During the feature walk-through the salesperson identified how convenient this version of the Sync platform was because you could update the firmware on the infotainment unit over […]
David Fletcher// This blog post is going to illustrate setting up a software access point (AP) on Ubuntu 16.04. Having the ability to create a software AP can be very handy in testing devices with 802.11 wireless capabilities. By using the software AP we can observe all traffic being generated by a device, inspect that […]
Mike Felch // Meet ‘The Box’ Bomb For the last few years at the security conference DEF CON in Las Vegas, the Tamper Resistant Village has hosted a challenging contest called ‘The Box’ where contestants mimic an EOD technician in an attempt to defuse a bomb. The fake bomb consists of trigger sensors, traps, electronic components, and locks, that […]
CJ Cox // We frequently get requests from customers asking us if we provide consultation defending their systems. The other day I got a question from a customer asking us if we could provide some consulting hours on hardening their Active Directory infrastructure. Asking BHIS to help you secure your infrastructure is like asking Navy […]
Jordan Drysdale // Step 1: Build your capture rig RPi3, Kali, Battery Packs, 2 x supported wifi card of your choosing (I used the Alfa Black for this run). My finished product: Solar Battery Pack, Pi, Alfa, Rock and Roll xz -cd kali-2017.01-rpi2.img.xz | dd of=/dev/mmcblk0 bs=4M iflag=fullblock oflag=direct status=progress You may need to install Kismet. apt-get install kismet […]
Kent R. Ickler // How to Configure Distributed Fail2Ban: Actionable Threat Feed Intelligence Fail2Ban is a system that monitors logs and triggers actions based on those logs. While actions can be very customized, the typical use case is monitoring an auth-log for authentication errors and configuring a system to block the offending source IP. Fail2Ban […]
David Fletcher // During our testing, we encounter organizations of various different sizes, shapes, and composition. One that we’ve run across a number of times includes a fairly even mixture of Microsoft Windows and Apple OSX operating systems. Under normal circumstances it can be difficult to identify which users are using Windows and which are […]
Kent R. Ickler // You’ve heard us before talk about Bro, an IDS for network monitoring and analysis. We’ve had several installs of Bro over time here at BHIS. It’s about time for another build, and I thought it would be a good time to share an example methodology. This post is going to be […]
