SIREN Setup Instructions
Download Linux dependencies: - Recommend Ubuntu-based, raspbian is good - sudo apt-get install build-essential python-dev libmysqlclient-dev python-virtualenv python-pip If some don’t resolve, install what Linux tells you to Clone repository: - Git clone https://github.com/blaverick62/SIREN.git Change remote to your repository if using it for dev Setup VENV and install pip requirements: - cd SIREN - . ./VENV/bin/activate - pip install -r requirements.txt If some pip dependencies don’t install, install what python tells you: - sudo apt-get install libkrb5-dev - pip install python-gssapi - pip install paramiko To run SIREN: - sudo ./sirenstart.sh Setup Snort on Pi: - sudo apt-get install flex bison build-essential checkinstall libpcap-dev libnet1-dev libpcre3-dev libmysqlclient15-dev libnetfilter-queue-dev iptables-dev libdumbnet-dev autoconf libtool libdaq-dev snort Setup: - set up home net and interface - add file siren.rules to /etc/snort/rules - add line alert tcp $HOME_NET any -> any any (msg:"Target file accessed!"; content:"malarkey"; sid:1000037;) - add line include $RULE_PATH/siren.rules to snort.conf near line 550 with other includes Mysql setup On SIREN_DB
FEATURES
SIMILAR TOOLS
A comprehensive guide to network security monitoring, teaching readers how to detect and respond to intrusions using open source software and vendor-neutral tools.
Comprehensive endpoint protection platform providing unified visibility and security for cloud workloads, endpoints, and containers.
A curated collection of companies that have publicly disclosed adversary tactics, techniques, and procedures following security breaches.
A condensed field guide for cyber security incident responders, covering incident response processes, attacker tactics, and practical techniques for handling incidents.
INE Security offers a range of cybersecurity certifications, including penetration testing, mobile and web application security, and incident response.
A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.
A comprehensive guide to incident response, providing effective techniques for responding to advanced attacks against local and remote network resources.
A comprehensive guide to developing an incident response capability through intelligence-based threat hunting, covering theoretical concepts and real-life scenarios.
A comprehensive guide to understanding and responding to modern ransomware attacks, covering incident response, cyber threat intelligence, and forensic analysis.
PINNED
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.