What is Rita?
Sponsored by Active Countermeasures. RITA is an open source framework for network traffic analysis. The framework ingests Zeek Logs in TSV format, and currently supports the following major features: Please see our recommended System Requirements document if you wish to use RITA in a production environment.
What is Rita framework for network traffic analysis?
RITA is an open source framework for network traffic analysis. The framework ingests Zeek Logs in TSV format, and currently supports the following major features:
Beaconing Detection: Search for signs of beaconing behavior in and out of your network
DNS Tunneling Detection: Search for signs of DNS based covert channels
Where can I find the config file for Rita?
RITA’s config file is located at /etc/rita/config.yaml though you can specify a custom path on individual commands with the -c command line flag. The Filtering: InternalSubnets section must be configured or you will not see any results in certain modules (e.g. beacons, long connections).
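An added illustration (not RITA's own code) of why an empty InternalSubnets list leaves such modules without results: it parses a constructed Zeek conn.log in TSV format and keeps only connections with exactly one internal endpoint. That filtering rule, the function names and the sample records are assumptions made for this example.

```python
import ipaddress

# Constructed Zeek conn.log excerpt in TSV format (not real traffic).
SAMPLE_CONN_LOG = "\n".join([
    "#separator \\x09",
    "#path\tconn",
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tduration",
    "#types\ttime\tstring\taddr\tport\taddr\tport\tenum\tinterval",
    "1700000000.0\tC1\t10.0.0.5\t50000\t203.0.113.10\t443\ttcp\t1.2",
    "1700000060.0\tC2\t10.0.0.5\t50001\t203.0.113.10\t443\ttcp\t1.1",
    "1700000090.0\tC3\t10.0.0.5\t50002\t10.0.0.9\t445\ttcp\t0.4",
    "1700000100.0\tC4\t198.51.100.7\t40000\t203.0.113.10\t80\ttcp\t-",
    "#close\t2023-11-14-22-15-00",
])

def parse_zeek_tsv(text):
    """Yield one dict per record, using the #fields header for column names."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#"):
            yield dict(zip(fields, line.split("\t")))

def is_internal(addr, subnets):
    """True if addr falls inside any of the configured internal networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in subnets)

def boundary_crossing(text, internal_subnets):
    """Return uids of connections with exactly one internal endpoint."""
    # Assumption: only internal<->external traffic is passed on for analysis.
    nets = [ipaddress.ip_network(s) for s in internal_subnets]
    kept = []
    for rec in parse_zeek_tsv(text):
        src = is_internal(rec["id.orig_h"], nets)
        dst = is_internal(rec["id.resp_h"], nets)
        if src != dst:
            kept.append(rec["uid"])
    return kept

if __name__ == "__main__":
    print(boundary_crossing(SAMPLE_CONN_LOG, []))              # InternalSubnets unset
    print(boundary_crossing(SAMPLE_CONN_LOG, ["10.0.0.0/8"]))  # InternalSubnets set
```

With no internal subnets every host looks external, so no connection crosses the boundary and nothing is left to analyze.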
Should I use Rita or AC-Hunter?
If you get value out of RITA and would like to go a step further with hunting automation, futuristic visualizations, and data enrichment, take a look at AC-Hunter.
How did Jessica Chastain and Rita Moreno meet?
Rita Moreno recalled how she met Jessica Chastain in a new Variety “Actors on Actors” interview. She said that as Chastain was leaving the restaurant Moreno said: “I love your breasts.” Chastain, who was also part of the interview, said she thought Moreno said “dress.”
How do I install Rita on Ubuntu 18 LTS?
RITA provides an install script that works on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, Security Onion, and CentOS 7. Download the latest install.sh file here and make it executable:
chmod +x ./install.sh
Then choose one of the following install methods: