What, I can surf pr0n for a legit reason during workshop?
Sign me up! Asafp!
That was the response from certain members of our growing community. It's nice seeing more and more people outside Randomdata finding their way onto our website and signing up for workshops.
This episode, the workshop was given by our friendly neighbourhood geek fish_. It was about DIY IDS (That's Do It Yourself Intrustion Detection System for the non-geeks reading this). For those unknown with the last few words, a IDS is a system which detects anomalies in systems. There's also the IPS' which prevents certain naughty things happening to your network.
IPS' can work on different levels of the OSI model, if you're like "???" I suggest you read up on the OSI model here and check out the sheets.
For configuring our own IDS, we were to do a bare Debian install and configure it with Snort. Snort is a cross-platform, sourcefire project started by Martin Roesch in 1998. It has an active community as you can see on the website. There's a nice little walkthrough about how to install/configure it here.
After people had set up their IDS' in as a VM, the fun started; Making some rules! I, for one, started making porno rules. Well, it was more editing than writing - still, the idea stands! After hours of work, I could finally do some pr0n surfing to see if it worked, wheeeeee!
Thanks fish for hosting, looking forward to the next workshop.
You can download the sheets here.