fail2ban is a utility that can be used to protect a server or website from brute-force attacks by blocking the IP address of the attacker after a certain number of failed login attempts. If you want to use fail2ban to protect your WordPress website, you can do so by installing and configuring the fail2ban software … Read more
Introduction: If you ever participated in CTF or trying to crack up some machines on-site like hackthebox you will know what amount of effort goes into initial scanning and enumeration to get you headed on possible advancement on your kill chain. For example, starting a Nmap scan to running Nikto and eventually being able to … Read more
Once applying group policies to the work environment I wondered if it is possible to apply the same policies on mac. Searching for a while concluded it is not possible to apply group policy even after have mac devices bound with Active Directory. After some more searching, I came across MDM (Mobile Device Management), here … Read more
This post is all about windows logging with winlogbeat and sysmon in place to collect all the important logs possible. Without getting into details about the installation of ELK stack I will get started with the installation of services and configuring the server to process that logs. Here is the link for installation script for … Read more
As I wrote in my previous post about getting ossec logs on ELK stack, I included part to install ossec server. As to install OSSEC agent there is an same procedure that we performed during OSSEC server. To be honest I am feeling lazy to write it all again to here is a link for … Read more
ClamAV has been the most used antivirus for Linux. And being open source can add the advantage of modifying the scan and display results as per the needs. Here is a link that explains more about ClamAV – Link. Installing ClamAV is one of the easiest tasks that can be performed to get one step … Read more
This script is only tested in centos. Tweak the script as you like. Please change the version link with a new one. Logstash:- Link Elasticsearch:- Link Kibana:- Link Credit: https://gist.github.com/kydouglas/1f68d69e856fd6d7dc223f8e1f5ae3b3
Collection of logs is an important task if your company works with some kind of user data on-premise. And logging and monitoring of networking devices are also important. In this article, I will show how to set up Syslog on Meraki and using syslog-ng to receive those logs on to your logging server. First, let’s … Read more
