Hello and welcome to the Friday, February 14th, 2020-5 edition of the Sands Internet Storm Center's Stormcast.

My name is Johannes Ulrich and I'm recording from Jacksonville, Florida.

Running Honeypot is a lot of fun, but sometimes if you're trying to explain to, let's say, a family member during packet night

or maybe just for your own interest, what exactly is happening with the honeypot,

well, this can be a little bit tricky to sift through all the logs.

Guy luckily set up a seam add-on for our honeypot that provides you with some real neat dashboards

that really put some light behind the scenes and show you what exactly is happening,

what attacks the honeypot is seeing in a ratherly nice graphical representation.

This is all built around Elasticsearch, so the usual

L stack of Elasticsearch, Logs dash, Kibana is what you have in this particular setup.

A bunch of additional software seek, so some packet analysis here as well. That's all neatly

summarized.

The latest version was just released by Guy,

and he did write up a quick summary with some screenshots in his diary today. So take a look and just one little word of caution here.

Because of all the add-on software, this does not run sort of in our

minimum hardware configuration. You may need something a little bit more beefy. I've run it

sort of on essentially of one of these N-100, so these low-end Intel CPUs that actually sometimes

are competitively priced compared to, let's say,

Raspberry Pi, depending on the exact setup that you're looking for.

And then we got some Palo Alto vulnerabilities to talk about.

And this vulnerability is actually kind of interesting.

It's not sort of your very straightforward

...