Detecting EternalBlue Attacks Using Zeek or Bro

SCENARIO INFORMATION

DESCRIPTION:

This scenario serves as a guide on how to:

Detect EternalBlue attacks using Zeek or Bro.

OBJECTIVES AND OUTCOME:

After completing this scenario, you will be able to:

Configure Zeek to detect possible EternalBlue attacks.

PRE-REQUISITES:

In order to get the full benefit from this scenario, it is suggested that you have competencies in the following areas:

– Basic Linux administration.
– Configuration of Zeek.
– Configuration of ELK stack.

RECOMMENDED READING:

It is suggested that you consult these recommended reading resources and pre-existing scenarios:

Configuring Zeek/BRO IDS

Integrating Zeek/Bro IDS with ELK Stack

AUTHOR

This scenario was created by Sathish Govindharajan.

MODE: SINGLEPLAYER
TYPE: OPEN RANGE
DIFFICULTY: EASY
TIME: INFINITE
