SOC-Daily

  Arp-spoofing and Man-in-the-Middle attack     An ARP spoofing cyberattack happens when an attacker uses the Address Resolution Protocol (ARP) to intercept communication between two parties, such as a user and a device, on a local area network (LAN). This attack is especially dangerous in the context of the Internet of Things (IoT), as it has the potential to undermine the entire network's security. Attackers can eavesdrop on the transmission or even manipulate the data being delivered by presenting themselves as a man-in-the-middle using ARP spoofing, putting both data integrity and confidentiality at risk. ARP spoofing attacks on IoT devices entail multiple important components. Initially, the attacker discovers the target IoT devices and then manipulates the network's ARP signals to make their machine look like the legitimate gateway or device. This allows the attacker to intercept and perhaps change data sent between the IoT device and other netw...

   Introduction. This lab guide was methodically developed with the primary purpose of serving as an educational resource for those interested in learning about and setting up a Security Operations Centre (SOC) basic lab. It is aimed at students who want to properly monitor their small office or home networks(for project or practice) while maintaining security and integrity. The growing incidence of cybersecurity risks needs a solid understanding of how to safeguard network infrastructures against potential attacks and unauthorised access. This lab aims to provide readers with the information and skills necessary to install and deploy Suricata, an open-source Intrusion Detection System (IDS), on a Radxa Raspberry Pi. This guide serves as a comprehensive instructional, bringing readers through each crucial stage of the process, from the initial configuration to the final implementation and testing phases  IDS (Suricata) on Radxa Raspberry Pi Figure 1 demonstrates how...