June 2022 – Using Zeek Without Scripting

Welcome to June.  Things are heating up both with the weather and RISE.  Our next meeting is June 9th at Roanoke College in the Pickle Lounge in the Colket Building with Andrew Beard.  Andrew’s topic is “Using Zeek Without Scripting”.  We are fortunate that our friends at Varonis are sponsoring this month so this will be a catered event with beverages and heavy hors d’oeuvres.  So, bring your curiosity and hunger to the next RISE meeting, both will be satisfied.  See below for more details about the location and parking.

Also we will be offering a book exchange at this meeting

Are you looking to downsize your current library, or perhaps you are looking to diversify your current library.  Well RISE wants to help.  At our next meeting (6/9/22) we will be offering a book exchange.  Bring all those books that you want to get rid off and while you are there perhaps you can find a new book that might interest you.  This is a great chance to explore new areas and find a new book that might change your whole career or at least find something for summer reading.  Just remember to bring those books.

Discussion Topic:

Zeek (formerly Bro) is a great tool for network visibility, but many first timers are turned off by the complexity of Zeek scripting.  Good news!  Zeek is a totally functional stand-alone tool for network traffic analysis, no scripting required.  We’ll go through some hands-on examples of how to use Zeek to inspect PCAP files and some of the tool’s out of the box capabilities without writing a line of Zeek code.

Bringing a laptop with Docker installed is highly recommended if you want to follow along and experiment.

Location / Date / Time

Pickle Lounge, Colket Center, Roanoke College, June 9th @ 5:30 pm

https://www.google.com/maps/place/Colket+Center/@37.296069,-80.0561825,374m/data=!3m1!1e3!4m5!3m4!1s0x0:0xdbe44d3491ec6479!8m2!3d37.297078!4d-80.0556333

-Parking is adjacent to the venue. Park in designated spots and walk to the Colket Center building.