https://www.pluralsight.com/courses/opnsense-network-analysis

 

Visibility into your network is essential to effectively discover or defend against attacks. Threat actors have a similar goal to gather as much intelligence as they can about their target network. The difference is an attacker will use that to plan an attack while a defender will use it to try and prevent or discover an attack. In this course, Network Analysis with OPNSense, you'll cover how to utilize OPNSense Firewall to secure a live enterprise environment. First, we’ll discuss installation methods and some basic features of OPNSense, and navigate the user interface to show and install the plugs-in and packages we need to conduct analysis. Next, we will configure Netflow v9, ntop, Suricata, and Zenarmor. Finally, we will use these tools to perform basic network analysis, highlighting the capabilities and differences of each. When you’re finished with this course, you’ll have the skills and knowledge to detect Active Scanning (T1595) and Network Service Discovery (T1046) using OPNSense with Netflow, Suricata, and Zenarmor (Sensei) to effectively recommend mitigations and appropriate response actions.