This post will demonstrate creating a custom rule in Suricata to generate an alert. In the /etc/suricata/rules directory I made a new rules file called custom.rules: For Suricata to run this rule, the new rule file needs to be added…
This post will show how to make a daemon with Python that will leverage Suricata alerts to block IP addresses. Here is a look at the full code for the daemon, called ‘alert_daemon.py’: Now I will break down each section.…
This is the final part for building a custom firewall with the utilization of IP Reputation within Suricata. The first step to take is to go into ‘suricata.yaml’, go to the IP Reputation section, and remove the comment tags from…
In this post, I will demonstrate analyzing packets with Wireshark to capture a password in clear text. Before Wireshark can be used, we need to capture some packets with the ‘Tcpdump’ command and write them to a .pcap file: The…
This post will be about automating a daily weather forecast utilizing a modified version of the Python Email script from the previous post. The steps for this project are: For the first step, we will look for an API that…
This post will demonstrate how to use Cron to set up a daily schedule for receiving the weather forecast email. The first step will be to go to crontab.guru to check the format. I want to have this email set…