MA
Uploaded byMohammed Almusaddar
PPTX, PDF822 views

How to Use Open Source Tools to Improve Network Security

The document is a presentation on utilizing open source tools to enhance network security, presented by Mohamed Almusaddar. It outlines a five-stage DIY process for network security, encompassing vulnerability analysis, configuration analysis, log analysis, monitoring and alerting, and intrusion detection systems, along with recommended open source tools for each stage. Additional resources, including slides, code, and demos, will be available on the presenter's blog and GitHub.

Technology
Related topics:
Information Security

Embed presentation

Downloaded 20 times
How to Use Open Source Tools to Improve Network Security
How to Get Resources This presentation, links, PDFs, Code and Recorded Demo will be shared with my Blog www.mhmd.io SlideShare This Presentation will be on SlideShare GitHub Code Any Code Present Here will Be Shared on GitHub Repo, visit my Blog for more info. This Presentation is free to use under Creative Commons Attribution license. YouTube Channel This Presentation Demo will be on YouTube
I am Mohamed Almusaddar ◉ Infrastructure/Cloud Manager at Al-Aqsa University ◉ Cloud Solution Architect ◉ Open Source Security Tools Specialist You can find me at: ◉ @mhmd_io Salam!
Contribution to Open Source Security Projects
FOSS security tools To protect your systems/Network Infrastructure 1
“ There are thousands of open source security tools with both defensive and offensive security capabilities.
Five-Stage Process for DIY Network Security ◉Vulnerability Analysis ◉Configuration Analysis ◉Log Analysis ◉Monitoring and Alerting ◉Intrusion Detection Systems
Vulnerability Analysis Part of Your DIY SIEM System
OpenVAS is a powerful open source vulnerability scanner that will perform thousands of checks against a system looking for known security vulnerabilities. Vulnerability Analysis Solutions Nikto Web Scanner Vulnerable web scripts, configuration errors and web server vulnerabilities can all be detected. Arachni provides coverage, vulnerability detection for web application Nmap Port Scanner Test open ports with the ability to scan all ports and complete net blocks
Configuration Analysis Part of Your DIY SIEM System
Configuration Analysis Lynis Security auditing and hardening tool, for UNIX- based systems. MBSA – Not Open Sourced determine security state by assessing missing security updates and less-secure security settings within Microsoft Windows
Log Analysis Part of Your DIY SIEM System
Elastic Stack
Logs Customized Dashboards
Monitoring and Alerting Part of Your DIY SIEM System
Monitoring/Metrics Icinga2 Icinga is a resilient, open source monitoring and metric solution system Grafana is an open source metric analytics & visualization suite. It is most commonly used for visualizing time series data for infrastructure and application analytics
Collect metrics from every device
Dashing Important Check
Intrusion Detection Systems Part of Your DIY SIEM System
Intrusion Detection System NIDS Snort/Suricata within Security-Onion HIDS OSSEC is a scalable, multi- platform, open source Host-based Intrusion Detection System (HIDS) v2.9.0 on Feb 9
Collect Logs from every device LogsVulnerabilities IDS Reports
Summary ◉ Elastic Stack for Logs Management ◉ OSSEC for HIDS ◉ SecurityOnion for NIDS ◉ Icinga2/Grafana for Metrics/Monitoring/Alerting ◉ Kali for Nmap/WireShark/Pen. Tests ◉ Vulnerability Analysis Stack ◉ Configuration Analysis Stack
Security Onion • full packet capture • NIDS and HIDS • powerful analysis tools • ELK Stack support ( near future ) • Add needed Kali tools to Security-Onion • Add Vulnerability scanner tools to Security-Onions • Backup Server • Logs Server • Monitor Server All-in-One Tool ? SMB
How to Deploy Adopt Open Source Security Solutions 2
Deployment Plan ◉Read Documentation, Tutorials, Case Studies ◉Localhost VM Environment ◉Documentation ◉Testing Lab – Physical-Environment + semi- Automation ◉Documentation ◉Deployment – Production + full-automation ◉Documentation / Reports
Any questions ? You can find me at ◉ @mhmd_io ◉ admin@mhmd.io Thanks!

More Related Content

PPTX
Humla workshop on Android Security Testing - null Singapore
byn|u - The Open Security Community
 
PPTX
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
byAlienVault
 
PDF
Managing third party libraries
byn|u - The Open Security Community
 
PPTX
TRISIS in Perspective
byDragos, Inc.
 
PDF
Behavior-Based Defense in ICS
byDragos, Inc.
 
PDF
Journey to the Cloud: Securing Your AWS Applications - April 2015
byAlert Logic
 
PPTX
Agile Network India | DevSecOps - The What and the Why | Ritesh Shregill
byAgileNetwork
 
PDF
McAfee MOVE & Endpoint Security
bynetlogix
 
Humla workshop on Android Security Testing - null Singapore
byn|u - The Open Security Community
 
New OSSIM v5.0 - Get Security Visibility Faster & Easier Than Ever
byAlienVault
 
Managing third party libraries
byn|u - The Open Security Community
 
TRISIS in Perspective
byDragos, Inc.
 
Behavior-Based Defense in ICS
byDragos, Inc.
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
byAlert Logic
 
Agile Network India | DevSecOps - The What and the Why | Ritesh Shregill
byAgileNetwork
 
McAfee MOVE & Endpoint Security
bynetlogix
 

What's hot

PPTX
Best Practices for Configuring Your OSSIM Installation
byAlienVault
 
PDF
Hacking IoT with EXPLIoT Framework
byPriyanka Aash
 
PPTX
Advanced Threat Protection - Sandboxing 101
byBlue Coat
 
PPTX
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks
byDragos, Inc.
 
PDF
Présentation kaspersky threat intelligence services
byANSItunCERT
 
PDF
Network Security Tools
byEmanuela Boroș
 
PPTX
Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016
bygrecsl
 
PDF
Tenable Solutions for Enterprise Cloud Security
byMarketingArrowECS_CZ
 
PPTX
#ALSummit: Architecting Security into your AWS Environment
byAlert Logic
 
PDF
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
byEdureka!
 
DOCX
Kaspersky Security center 10 documentation
byTarek Amer
 
PPTX
Secure application deployment in Apache CloudStack
byTim Mackey
 
PDF
CSF18 - Implementing Gartners #1 - Whitelisting- Karim El-Melhaoui
byNCCOMMS
 
PPTX
#ALSummit: Cyber Resiliency: Surviving the Breach
byAlert Logic
 
PDF
Хакеро-машинный интерфейс
byPositive Hack Days
 
PDF
Security Onion: Watching for Leeks
byKory Kyzar
 
PDF
Dev week cloud world conf2021
byArchana Joshi
 
PPTX
#ALSummit: Live Cyber Hack Demonstration
byAlert Logic
 
PPTX
How to Increase ICS Cybersecurity Return on Investment (ROI)
byDragos, Inc.
 
PPTX
Tiptoe Through The Network: Practical Vulnerability Assessments in Control Sy...
byDigital Bond
 
Best Practices for Configuring Your OSSIM Installation
byAlienVault
 
Hacking IoT with EXPLIoT Framework
byPriyanka Aash
 
Advanced Threat Protection - Sandboxing 101
byBlue Coat
 
Intelligence-Driven Industrial Security with Case Studies in ICS Attacks
byDragos, Inc.
 
Présentation kaspersky threat intelligence services
byANSItunCERT
 
Network Security Tools
byEmanuela Boroș
 
Deploying a Shadow Threat Intel Capability at CaralinaCon on March 6, 2016
bygrecsl
 
Tenable Solutions for Enterprise Cloud Security
byMarketingArrowECS_CZ
 
#ALSummit: Architecting Security into your AWS Environment
byAlert Logic
 
Learn Ethical Hacking With Kali Linux | Ethical Hacking Tutorial | Kali Linux...
byEdureka!
 
Kaspersky Security center 10 documentation
byTarek Amer
 
Secure application deployment in Apache CloudStack
byTim Mackey
 
CSF18 - Implementing Gartners #1 - Whitelisting- Karim El-Melhaoui
byNCCOMMS
 
#ALSummit: Cyber Resiliency: Surviving the Breach
byAlert Logic
 
Хакеро-машинный интерфейс
byPositive Hack Days
 
Security Onion: Watching for Leeks
byKory Kyzar
 
Dev week cloud world conf2021
byArchana Joshi
 
#ALSummit: Live Cyber Hack Demonstration
byAlert Logic
 
How to Increase ICS Cybersecurity Return on Investment (ROI)
byDragos, Inc.
 
Tiptoe Through The Network: Practical Vulnerability Assessments in Control Sy...
byDigital Bond
 

Similar to How to Use Open Source Tools to Improve Network Security

PPTX
IDS+Honeypots Making Security Simple
byGregory Hanis
 
PPTX
Open Source Defense for Edge 2017
byAdrian Sanabria
 
PPTX
Hacktoberfest'24 _ GDG on Campus BU.pptx
bynilaygupta3003
 
PDF
stackconf 2024 | How to hack and defend (your) open source by Roman Zhukov.pdf
byNETWAYS
 
PDF
Cybersecurity Free Tools for Practice Project.pdf
byHaris Chughtai
 
PDF
CSEC 610 Individual Assignment Essay
byRochelle Schear
 
PPTX
Blue Teaming on a Budget of Zero
byKyle Bubp
 
DOCX
FBI & Secret Service- Business Email Compromise Workshop
byErnest Staats
 
PDF
Vulnerability Assessment Report
byHarshit Singh Bhatia
 
PPTX
Open source SOC Tools for Home-Lab
byBoni Yeamin
 
DOCX
FBI & Secret Service- Business Email Compromise Workshop
byErnest Staats
 
PPTX
Open Source Cybersecurity Tools
byBoni Yeamin
 
PDF
Unity Makes Strength
byXavier Mertens
 
PDF
Infosecurity.be 2019: What are relevant open source security tools you should...
byB.A.
 
PPT
Ending the Tyranny of Expensive Security Tools: A New Hope
byMichele Chubirka
 
PPTX
Ending the Tyranny of Expensive Security Tools
byMichele Chubirka
 
PPTX
Ending the Tyranny of Expensive Security Tools
bySolarWinds
 
PDF
Construye tu stack de ciberseguridad con open source
bySoftware Guru
 
PPTX
Open Security - Chad Cravens
byIT-oLogy
 
PDF
Unity Makes Strength SOURCE Dublin 2013
byXavier Mertens
 
IDS+Honeypots Making Security Simple
byGregory Hanis
 
Open Source Defense for Edge 2017
byAdrian Sanabria
 
Hacktoberfest'24 _ GDG on Campus BU.pptx
bynilaygupta3003
 
stackconf 2024 | How to hack and defend (your) open source by Roman Zhukov.pdf
byNETWAYS
 
Cybersecurity Free Tools for Practice Project.pdf
byHaris Chughtai
 
CSEC 610 Individual Assignment Essay
byRochelle Schear
 
Blue Teaming on a Budget of Zero
byKyle Bubp
 
FBI & Secret Service- Business Email Compromise Workshop
byErnest Staats
 
Vulnerability Assessment Report
byHarshit Singh Bhatia
 
Open source SOC Tools for Home-Lab
byBoni Yeamin
 
FBI & Secret Service- Business Email Compromise Workshop
byErnest Staats
 
Open Source Cybersecurity Tools
byBoni Yeamin
 
Unity Makes Strength
byXavier Mertens
 
Infosecurity.be 2019: What are relevant open source security tools you should...
byB.A.
 
Ending the Tyranny of Expensive Security Tools: A New Hope
byMichele Chubirka
 
Ending the Tyranny of Expensive Security Tools
byMichele Chubirka
 
Ending the Tyranny of Expensive Security Tools
bySolarWinds
 
Construye tu stack de ciberseguridad con open source
bySoftware Guru
 
Open Security - Chad Cravens
byIT-oLogy
 
Unity Makes Strength SOURCE Dublin 2013
byXavier Mertens
 

Recently uploaded

PDF
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PPT
software-security-intro in information security.ppt
byismaeelsahib032
 
PDF
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PDF
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
PPTX
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PPTX
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
PPTX
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PDF
API-First Architecture in Financial Systems
bycyy111112
 
PDF
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PPTX
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
PPTX
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
PPTX
cybercrime in Information security .pptx
byismaeelsahib032
 
PDF
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
PDF
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
software-security-intro in information security.ppt
byismaeelsahib032
 
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
Cybersecurity Best Practices - Step by Step guidelines
byYasir Naveed Riaz
 
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
API-First Architecture in Financial Systems
bycyy111112
 
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
cybercrime in Information security .pptx
byismaeelsahib032
 
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 

How to Use Open Source Tools to Improve Network Security

  • 1.
    How to UseOpen Source Tools to Improve Network Security
  • 2.
    How to GetResources This presentation, links, PDFs, Code and Recorded Demo will be shared with my Blog www.mhmd.io SlideShare This Presentation will be on SlideShare GitHub Code Any Code Present Here will Be Shared on GitHub Repo, visit my Blog for more info. This Presentation is free to use under Creative Commons Attribution license. YouTube Channel This Presentation Demo will be on YouTube
  • 3.
    I am Mohamed Almusaddar ◉Infrastructure/Cloud Manager at Al-Aqsa University ◉ Cloud Solution Architect ◉ Open Source Security Tools Specialist You can find me at: ◉ @mhmd_io Salam!
  • 4.
    Contribution to OpenSource Security Projects
  • 5.
    FOSS security tools Toprotect your systems/Network Infrastructure 1
  • 6.
    “ There are thousandsof open source security tools with both defensive and offensive security capabilities.
  • 7.
    Five-Stage Process forDIY Network Security ◉Vulnerability Analysis ◉Configuration Analysis ◉Log Analysis ◉Monitoring and Alerting ◉Intrusion Detection Systems
  • 9.
    Vulnerability Analysis Part ofYour DIY SIEM System
  • 10.
    OpenVAS is a powerfulopen source vulnerability scanner that will perform thousands of checks against a system looking for known security vulnerabilities. Vulnerability Analysis Solutions Nikto Web Scanner Vulnerable web scripts, configuration errors and web server vulnerabilities can all be detected. Arachni provides coverage, vulnerability detection for web application Nmap Port Scanner Test open ports with the ability to scan all ports and complete net blocks
  • 11.
    Configuration Analysis Part ofYour DIY SIEM System
  • 12.
    Configuration Analysis Lynis Security auditingand hardening tool, for UNIX- based systems. MBSA – Not Open Sourced determine security state by assessing missing security updates and less-secure security settings within Microsoft Windows
  • 13.
    Log Analysis Part ofYour DIY SIEM System
  • 14.
  • 15.
  • 16.
    Monitoring and Alerting Partof Your DIY SIEM System
  • 17.
    Monitoring/Metrics Icinga2 Icinga is aresilient, open source monitoring and metric solution system Grafana is an open source metric analytics & visualization suite. It is most commonly used for visualizing time series data for infrastructure and application analytics
  • 18.
  • 19.
  • 20.
    Intrusion Detection Systems Partof Your DIY SIEM System
  • 21.
    Intrusion Detection System NIDS Snort/Suricatawithin Security-Onion HIDS OSSEC is a scalable, multi- platform, open source Host-based Intrusion Detection System (HIDS) v2.9.0 on Feb 9
  • 23.
    Collect Logs fromevery device LogsVulnerabilities IDS Reports
  • 24.
    Summary ◉ Elastic Stackfor Logs Management ◉ OSSEC for HIDS ◉ SecurityOnion for NIDS ◉ Icinga2/Grafana for Metrics/Monitoring/Alerting ◉ Kali for Nmap/WireShark/Pen. Tests ◉ Vulnerability Analysis Stack ◉ Configuration Analysis Stack
  • 25.
    Security Onion • fullpacket capture • NIDS and HIDS • powerful analysis tools • ELK Stack support ( near future ) • Add needed Kali tools to Security-Onion • Add Vulnerability scanner tools to Security-Onions • Backup Server • Logs Server • Monitor Server All-in-One Tool ? SMB
  • 26.
    How to Deploy AdoptOpen Source Security Solutions 2
  • 27.
    Deployment Plan ◉Read Documentation,Tutorials, Case Studies ◉Localhost VM Environment ◉Documentation ◉Testing Lab – Physical-Environment + semi- Automation ◉Documentation ◉Deployment – Production + full-automation ◉Documentation / Reports
  • 28.
    Any questions ? Youcan find me at ◉ @mhmd_io ◉ admin@mhmd.io Thanks!

Editor's Notes

  • #4 I am Mohamed Almusaddar Infrastructure/Cloud Manager at Al-Aqsa University Cloud Solution Architect Open Source Security Tools Specialist
  • #7 Open Source Cybersecurity Catalog Homeland Open Security Technology (HOST) HOST’s focus is on open source security software. Its mission is: • identifying new, emerging and undervalued open source solutions to cyber security challenges and sharing that information broadly • making strategic investments in projects with high-impact potential • encouraging innovation by enabling cross-industry collaboration
  • #8 Goals Assists with compliance testing (HIPAA/ISO27001/PCI DSS) Configuration management Software patch management System hardening Penetration testing Intrusion detection Audience Typical users of the software: System administrators Auditors Security officers Security professionals
  • #11 You might be auditing your network because you have already been attacked, or to better understand your network SI security level, or as the first step in planning a security strategy.
  • #13 Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening
  • #15 Elasticsearch is an open source search engine based on Lucene, developed in java. It provides a distributed and multitenant full-text search engine with an HTTP Dashboard web-interface (Kibana) and JSON documents scheme. Elasticsearch is a scalable search engine that can be used to search for all types of documents, including log file. Elasticsearch is the heart of the 'Elastic Stack' or ELK Stack. Logstash is an open source tool for managing system events and logs. It provides real-time pipelining to collect data. Logstash will collect the log or data, convert all data into JSON documents, and store them in Elasticsearch. Kibana is a data visualization interface for Elasticsearch. Kibana provides a pretty dashboard (web interfaces), it allows you to manage and visualize all data from Elasticsearch on your own. It's not just beautiful, but also powerful. Beats are data shippers, lightweight agents that can be installed on the client nodes to send huge amounts of data from the client machine to the Logstash or Elasticsearch server. There are 4 beats available, 'Filebeat' for 'Log Files', 'Metricbeat' for 'Metrics', 'Packetbeat' for 'Network Data' and 'Winlogbeat' for the Windows client 'Event Log'.
  • #22 Analysis You can analyze NIDS alerts from Snort/Suricata via: Squert ELSA Sguil