SoCruel.NU

The domain that loves BSD


Install Zeek packages on FreeBSD

23 February, 2021

In this blog post we install Zeek packages using the Zeek Package Manager. A Zeek package is a third-party plugin. You can read more about Zeek plugins here.


First Zeek queries on FreeBSD

26 January, 2021

Zeek is not an active protective security device, like a firewall or intrusion prevention system. Rather, Zeek runs on a "sensor", a hardware, software, virtual, or cloud platform that quietly and unobtrusively observes network traffic. Zeek interprets what it sees and creates compact, high-fidelity transaction logs.

In this blog post we run some basic queries on some of the Zeek log files.


Run Zeek as user zeek on FreeBSD

5 January, 2021

Zeek runs as the user root by default when it is installed on FreeBSD using the package system.

But we want a more secure setup than this, so we run Zeek as a normal user. Fortunately this is possible on our favorite operating system!


Implement Zeek on FreeBSD

19 December, 2020

I wanted to get more visibility into my network at the application and services level. An example of an insight currently missing on my network: which domains are queried by the systems on my network? And no tool can answer this question better than Zeek! Zeek is a network security monitoring platform which generates rich network metadata that is very valuable for general network troubleshooting, getting insight into what happens on your network, and even for incident response and forensics!

This blog post is the first in a series of posts about Zeek on FreeBSD! So more to come after this one.


See the archive page or category pages on the right for more (older) blog posts.

About

The SoCruel.NU blog is about FreeBSD, open source software running on it, and IT security. It is run by Lars Wittebrood. The posts are based on my own experiences and express my opinion. This is all made for fun and the learning experience! And hopefully they contribute to the BSD community as well!
