Threat detection and response with WAZUH part-2: Agent Installation

In my preceding blog entry, available at this link, I provided a tutorial on the installation of WAZUH SIEM within a Dockerized environment. In this subsequent post, I will elucidate the procedure for deploying and configuring a WAZUH agent on an endpoint system to facilitate log forwarding. Prerequisites Before you …

Threat detection and response with WAZUH part-1

  WAZUH is an open-source security monitoring solution that helps organizations detect and respond to cyber threats. It provides a centralized view of your security posture, allowing you to monitor and secure your infrastructure, applications, and networks in real-time. It includes a variety of features and capabilities such as: Intrusion …

Ansible playbook for spin up droplets in DigitalOcean

Ansible is an open source configuration management tool, and is popular for provision infrastructure. In this blog post I’ll show you how easily you can spin up multiple droplets in DigitalOcean. The full code can be downloaded from here. Prerequisite Ansible should be installed on your host and you should …

It all starts with an [SPAM] email

SPAM (or more specifically phishing) email is the most popular and effective weapon of cyber attack now a day. What is the first thing people do after receiving a spam email? Some got caught in the spammer net, some ignore it, some deletes the email, but as a security enthusiast …

from Zero to Swarm, your one stop Docker shop

  Docker, the most popular container technology nowadays. By nature it’s an application container, means if you want apache you will get apache inside your container. Or if you want to run mysql inside your container its mysql only. Got the picture? Cool. In this post I ll show you …

Uncomplicated Firewall (ufw) for ubuntu system

The Uncomplicated Firewall (ufw) is a front end for iptables and is a host based firewall. In this tutorial we will see how to enable and configure ufw firewall on Ubuntu system. Ubuntu 8.04 LTS introduced ufw, and it is available by default in all Ubuntu installations after 8.04 LTS. One …

Gtop, a command line dashboard for system monitoring

Those who are familiar with Linux system must know the top command. We can monitor our system usage by using top command like cpu, memory etc. There is another command which does the similar things like top, but instead of displaying the output in a raw text format, gtop produce …

Linux firewall for ipv6 traffic

iptables, The most common and widely used Linux firewall for IPv4 traffic. Like iptables, Linux has another firewall utility called ip6tables which is used for IPv6 traffic. These two tables need to configure separately for IPv4 and IPv6 packet. In this tutorial we will see how to configure ip6tables in Ubuntu …

How to deploy MHN (Modern Honey Network) Server on EC-2 Instances

A honeypot is a computer software or device that exists only for attack. Yes, that’s the main goal of a honeypot. When you deploy a honeypot the main goal of the system is to be attacked. When a hacker interact with the honeypot, it starts logging the activity of the …

Back to Top