Detecting Eternalblue Attack using Zeek or Bro

SCENARIO INFORMATION

DESCRIPTION:

This scenario serves as a guide on how to:

Detect Eternalblue attacks using Zeek or Bro.

OBJECTIVES AND OUTCOME:

After completing this scenario, you will be able to:

Configure Zeek to detect possible Eternalblue attacks.

PRE-REQUISITES:

In order to get the full benefit from this scenario, it is suggested that you have competencies in the following areas:

– Basic Linux administration.
– Configuration of Zeek.
– Configuration of ELK stack.

RECOMMENDED READING:

It is suggested that you consult these recommended reading resources and pre-existing scenarios:

Configuring Zeek/BRO IDS

Integrating Zeek/Bro IDS with ELK Stack

AUTHOR

This scenario was created by Sathish Govindharajan.

MODE SINGLEPLAYER
Type OPEN RANGE
DIFFICULTY EASY
TIME INFINITE
COST 1200 GEMS / 2 Hours
