Remnux is now on 20.04 so look out fellow future people. Thanks for this John.

Fantastic series. You’re great at explaining, and you’re great at picking relevant topics! Can’t wait for tomorrow’s episode!

Excellent video John. Spot on and extremely useful.

Never knew Zeek, would love to see more...Great job John.

Well crafted video, super easy to follow, and great explanation of each command cheers.

Dude you saved my freaking life for my lab due tonight, thank you!!!

hey john great informations, the puzzle it's a bit big across tcpdump Tshark zeek brim and so on as a beginner you can't clear enough the path and what is that a SOC analyst net for NTA.

Helped me tremendously! Thank you, John.

10:45 How do you go back and forth between the terminal and the logs? I’m on Windows btw

Learned a lot from the video, thanks for sharing your valuable knowledge with the world!

Awesome content... Really appreciated. One question though. Why none of the public IP addresses were in the source address column (id.orig_h) in the conn.log? Does that mean no ingress communication took place or is that of Zeek records it traffic?

Kaching....on the money bro job well done thanks

Clear and concise instructions. Awesome thank you .

I am getting the below error in the last step of the process and i havt found any sourse which provides the solutions . Please have a look and let me know if there is anything i can do . "The following packages have unmet dependencies. zeek-core : Depends: libc6 (< 2.28) but 2.35-0ubuntu3 is to be installed Depends: libssl1.1 (>= 1.1.0) but it is not installable E: Unable to correct problems, you have held broken packages. "

but wich one is better zeek or wireshark?

Are there any cheat sheets of zeek queries?

Thanks, John! Super helpful.

Excellent Approach! Super useful!

how to enable it on fedora

Outstanding explanation

As a blue team, its like earmilk. Very very good.

Thank you for sharing such kind of invaluable info. I appreciate you.

Perfect Explanation ever! Thank you

Thanks for your amazing video. Could you please suggest how to use python to capture network data through libpcap or winpcap?

Again great explanation and good topic.. !!

That's great! Thank you very much. Appreciated! How can generate alert instead of logs with Zeek?

This is amazing stuff

Great videos John!

Thanks man ^^ we are waiting for the next one ;)

What is the password to decrypt the file

Perfect Series!

Very good content, thanks for sharing.

Hey can we install zeek in windows subsystem for Linux

Excelent information.

helpful tricks and tools thanks allot

wanna hear a secret,cap? ur AWESOME

Wow he went X-Games mode at the end.