MISP Threat Sharing

SCENARIO INFORMATION

DESCRIPTION:

This scenario serves as a guide on how to use the Malware Information Sharing Platform & Threat Sharing system.

The Malware Information Sharing Platform & Threat Sharing lab covers the core usage of the MISP system. The MISP software can be installed on a Linux operating system (Ubuntu is preferred). To get started quickly with the platform, a free virtual machine version is available from CIRCL (Computer Incident Response Center Luxembourg). In this lab we will work with the CIRCL MISP virtual machine. The VM comes installed with all the components necessary to start using MISP. The following topics will be practiced in the lab session:

– Overview of MISP Web Interface.
– Events Management.
– Feeds Management.
– Search for events.
– Exporting events as IDS rules.
– Testing exported MISP IDS rules in Suricata.

OBJECTIVES AND OUTCOME:

After completing this scenario you will be able to:

– Use the MISP system.

PRE-REQUISITES:

In order to get the full benefit from this scenario, it is suggested that you have competence in the following area:

– Basic knowledge of Linux operating systems.

RECOMMENDED READING:

It is suggested that you consult these recommended reading resources and pre-existing scenarios:

https://www.misp-project.org/documentation/

AUTHOR:

This scenario was created by Sathish Govindharajan.

MODE SINGLEPLAYER
Type OPEN RANGE
DIFFICULTY EASY
TIME INFINITE
COST 1000 GEMS/1.5 HOURS
