fail2ban is a utility that can be used to protect a server or website from brute-force attacks by blocking the IP address of the attacker after a certain number of failed login attempts. If you want to use fail2ban to protect your WordPress website, you can do so by installing and configuring the fail2ban software … Read more
Introduction: In the security industry, there is so much emphasis on Windows server and workstation security with thousands of security products dedicated to finding vulnerabilities and hardening servers. A few products that we have in the market are Nessus, Nexpose, and OpenVAS, one may say they do support Linux and I agree entirely, but they … Read more
As I wrote in my previous post about getting ossec logs on ELK stack, I included part to install ossec server. As to install OSSEC agent there is an same procedure that we performed during OSSEC server. To be honest I am feeling lazy to write it all again to here is a link for … Read more
ClamAV has been the most used antivirus for Linux. And being open source can add the advantage of modifying the scan and display results as per the needs. Here is a link that explains more about ClamAV – Link. Installing ClamAV is one of the easiest tasks that can be performed to get one step … Read more
This is the week I am writing about something that very common, and the reason behind this post is that I was running out of time to work on new stuff I found interesting. But keep the promise for the next post I will bring something interesting. Lets start. Searching through the Linux file system … Read more
This post might be a little different, it little is on the nonethical side. But I am writing it with curiosity. I am sure many of you many know about it. Let’s start with this thing. Recently I have been working on a project to transfer my current website to the cloud will messing around … Read more
Multi-factor authentication has been one of the incredible things that security people love. An extra layer of protection that authorized person has, have or are. Now let’s get straight to the point on configuring two-factor authentication on CentOS 7. Let’s first install the additional repository called epel Now let’s install google-authenticator Once installed type following … Read more
Opensource siem has its own place in the SOC world. Even commercial siem uses Opensource components like elasticsearch, kibana, and logstash. Some of the popular opensource SIEM include OSSIM, The ELK stack, OSSEC, Wazuh, Apache Metron and MozDef by Mozilla. The reason behind writing this post is to help with the installation process of MozDef. … Read more
One of the important things to maintain during any kind of incident is communication. Without it, the companies get to fall apart due to miscommunication which happens with a lack of communication. As seen during any kind of incident, there is an environment of chaos in which people don’t know what to do, even if … Read more
This script is only tested in centos. Tweak the script as you like. Please change the version link with a new one. Logstash:- Link Elasticsearch:- Link Kibana:- Link Credit: https://gist.github.com/kydouglas/1f68d69e856fd6d7dc223f8e1f5ae3b3
