Using the provided MISPVM ova file, import it on VirtualBox and respond to the questionsbelow. Also, add a screenshot of every step.
NOTE: you mightwant to add an Internal interface and assign an IP address (edit thefile /etc/network/interfaces), sothat you can connect to the WebApp from a browser.
Why there are no events when clicking on Home?
Go to Sync Actions → List Feeds to check the list of default feeds.
Load all default feed metadata and check how it looks like.
In Home there is still no events. What do you have to do to see, for instance, IPs blocked by Snort? Explain step by step.
Prove that these events are available in Home.
Click on the ID to populate information about this event. What kind of information is shown at the list at the bottom? What this information represents?
Using ipgeolocation.io, locate one of the entries in the list. Choose it randomly.
Go back to the list of feeds and add all related to malware (use the search engine). If it takes a while, check in Administration → Jobs the background tasks. Once done, prove again you got events from all of them.
Show the details of URLhaus.
In the Galaxies menu, you can search for topics. Show the information regarding malware stealer.
What feed would you use for phishing URLs?
And for spam?
Already registered? Login
Not Account? Sign up
Enter your email address to reset your password
Back to Login? Click here