• BaroqueInMind@kbin.social
    link
    fedilink
    arrow-up
    9
    ·
    1 year ago

    I have a refurbished server rack system that is running Zeek and also Suricata. I have a managed switch that will duplicate all network traffic to the system that is running those applications and a JBOD setup to store the countless logs. I have scoured through nearly all the CISA documents and alert reports to copy the various Snort rules they mention in each report and also purchased a specific modem to connect with my ISP that provides a service to monitor my traffic that has Minim.

    I am a cybersecurity expert and still don’t know what I’m doing most of the time, so this is literally scratching the surface, as well as only detecting threats not really stopping them which requires more knowledge.