Clamav is a free antivirus nowadays owned by Cisco and developed under the umbrella of the Talos-Intelligence group. Don’t be fooled by the word free, this is serious business. It supports a wide variety of operating systems from Windows to Linux-based ones as well as FreeBSD. Many companies are using other types of antivirus software and some have had an advantage over Clamav … [Read more...]
How to secure the ELK stack on CentOS 8
This is a follow up of the ‘how to install the ELK stack on CentOS 8’. That is a basic setup with no security at all. There is no encryption, no username and password setup, nothing. Not even firewall rules to filter ports. And as it’s known security can’t only rely on one factor but on a combination of few. In this guide you will read about: - Setting up firewall rules for … [Read more...]
Nmap cheatsheet
Nmap is a discovery tool used in security circles but very useful for network administrators or sysadmins. One can get information about operating systems, open ports, running apps with quite good accuracy. It can even be used in substitution to vulnerability scanners such as Nessus or OpenVAS for not very large environments, or quick audits. This is not a long explanatory … [Read more...]
How to install the ELK stack on CentOS 8
The ELK stack stands for Elasticsearch, Logstash and Kibana. These three pieces of software are very useful since each brings a powerful capability that in combination is just great to use. Elasticsearch is a search and analytics engine. Logstash can process data from multiple sources. Kibana allows to visualize data in a graphic manner. These three capabilities combined is … [Read more...]
How to install OSSEC agents on Windows
On a recent post I published about how to install an OSSEC server on Ubuntu I explained how this solution can help secure an infrastructure by deploying agents which report back to a central server. This is the second part of this server-client story. On this guide you will read about setting up agents and keys on the server side and how to install the agents on the client … [Read more...]