by Keith J. Jones, PhD | Apr 8, 2021 | Spicy
Introduction and Background: I last wrote about detecting OpenVPN with Zeek, and to understand this blog you should familiarize yourself with that post. This blog will not repeat the basics of OpenVPN, but instead it will briefly walk through the Spicy version of the...
by Keith J. Jones, PhD | Mar 16, 2021 | OpenVPN, Protocol Analyzer
By Keith J. Jones, Corelight Sr. Security Researcher. Introduction and Background: Many modern VPN providers use the OpenVPN protocol in their clients and servers. Threat actors are also known to use OpenVPN. Zeek is unable to natively detect and parse the OpenVPN...
by Keith J. Jones, PhD | Dec 6, 2019 | Uncategorized
Introduction: This blog post will walk you through the process of adding a JPEG file analyzer to Zeek. Please keep in mind that our main goal in this blog series is to “teach a person to fish” along with a few small fish to get started as bait rather than simply...