7MS #582: Using Wazuh as a SIEM for Work and Home
7 Minute Security31 Heinä 2023

7MS #582: Using Wazuh as a SIEM for Work and Home

Today we had a blast playing with Wazuh as a SIEM you can use for work and/or home. Inspiration for this episode came from Network Chuck.

This one-liner will literally get Wazuh installed in about 5 minutes:

curl -sO https://packages.wazuh.com/4.4/wazuh-install.sh && sudo bash ./wazuh-install.sh -a

P.S. if you accidentally close your command window before writing down the admin password (like I did), you can use this command to retrieve it:

sudo tar -O -xvf wazuh-install-files.tar wazuh-install-files/wazuh-passwords.txt

Once Wazuh is installed, I recommend going to Management > Configuration > Edit Configuration, look for a section that starts with and change to .

Also, before you start deploying agents, I recommend making some groups for them, which I believe has to be done at the command line:

/var/ossec/bin/agent_groups -a -g windows-boxes -q /var/ossec/bin/agent_groups -a -g linux -q

From there you should be ready to start rockin' some agent installs. Have fun!

Jaksot(710)

7MS #710: I'm Taking a Break

7MS #710: I'm Taking a Break

Hi friends, I'm going to be taking a break from producing podcast episodes, as well as content over at 7MinSec.club.  It's a temporary break, so please don't unsubscribe, unfollow, etc.  I need some e...

17 Tammi 4min

7MS #709: Second Impressions of Twingate

7MS #709: Second Impressions of Twingate

Hey friends, in episode #649 I gave you my first impressions of Twingate.  It's been a minute, so I thought I'd revisit Twingate (specifically this awesome Twingate LXC) and talk about how we're using...

10 Tammi 20min

7MS #708: Tales of Pentest Fail – Part 6

7MS #708: Tales of Pentest Fail – Part 6

After sharing a recent story about how a phishing campaign went south, I heard feedback from a lot of you.  You either commiserated with my story, told me I wussed out, and/or had a difficult story of...

2 Tammi 25min

7MS #707: Our New Pentest Course Has Launched!

7MS #707: Our New Pentest Course Has Launched!

Today we're thrilled to announce the launch of LPLITE:GOAD (Light Pentest Live Interactive Training Experience: Game of Active Directory). The first class is coming up Tuesday, January 27 – Thursday, ...

26 Joulu 202514min

7MS #706: Tales of Pentest Pwnage – Part 80

7MS #706: Tales of Pentest Pwnage – Part 80

I'm so excited to share today's tale of pentest pwnage, because it brings back to life a coercion technique I thought wouldn't work against Windows 11! Spoiler alert: check out rpc2efs, as well as the...

19 Joulu 202529min

7MS #705: A Phishing Campaign Fail Tale

7MS #705: A Phishing Campaign Fail Tale

This might be obvious, but security is not all domain admin dancing and maximum pwnage. Sometimes, despite my best efforts, a security project does a faceplant. Today's episode focuses on a phishing c...

12 Joulu 202521min

7MS #704: DIY Pentest Dropbox Tips – Part 12

7MS #704: DIY Pentest Dropbox Tips – Part 12

Hola friends!  My week has very much been about trying to turnaround pentest dropboxes as quickly as possible.  In that adventure, I came across two time-saving discoveries: Using a Proxmox LXC as a ...

5 Joulu 202524min

7MS #703: Tales of Pentest Pwnage – Part 79

7MS #703: Tales of Pentest Pwnage – Part 79

Happy Thanksgiving week friends! Today we're celebrating a turkey and pie overload by sharing another fun tale of pentest pwnage! It involves using pygpoabuse to hijack a GPO and turn it into our pent...

28 Marras 202522min

Suosittua kategoriassa Politiikka ja uutiset

aikalisa
rss-ootsa-kuullut-tasta
ootsa-kuullut-tasta-2
tervo-halme
politiikan-puskaradio
rss-podme-livebox
et-sa-noin-voi-sanoo-esittaa
viisupodi
otetaan-yhdet
rss-asiastudio
rss-mina-ukkola
rikosmyytit
the-ulkopolitist
rss-vaalirankkurit-podcast
io-techin-tekniikkapodcast
linda-maria
rss-kiina-ilmiot
rss-kaikki-uusiksi
rss-hyvaa-huomenta-bryssel
rss-kuka-mina-olen