7MS #582: Using Wazuh as a SIEM for Work and Home
7 Minute Security31 Heinä 2023

7MS #582: Using Wazuh as a SIEM for Work and Home

Today we had a blast playing with Wazuh as a SIEM you can use for work and/or home. Inspiration for this episode came from Network Chuck.

This one-liner will literally get Wazuh installed in about 5 minutes:

curl -sO https://packages.wazuh.com/4.4/wazuh-install.sh && sudo bash ./wazuh-install.sh -a

P.S. if you accidentally close your command window before writing down the admin password (like I did), you can use this command to retrieve it:

sudo tar -O -xvf wazuh-install-files.tar wazuh-install-files/wazuh-passwords.txt

Once Wazuh is installed, I recommend going to Management > Configuration > Edit Configuration, look for a section that starts with and change to .

Also, before you start deploying agents, I recommend making some groups for them, which I believe has to be done at the command line:

/var/ossec/bin/agent_groups -a -g windows-boxes -q /var/ossec/bin/agent_groups -a -g linux -q

From there you should be ready to start rockin' some agent installs. Have fun!

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(721)

7MS #665: What I'm Working on This Week - Part 2

7MS #665: What I'm Working on This Week - Part 2

Hello there friends, I'm doing another "what I'm working on this week" episode which includes: BPATTY v1.6 release – big/cool/new content to share here PWPUSH – this looks to be an awesome way (both ...

7 Maalis 202528min

7MS #664: What I'm Working on This Week

7MS #664: What I'm Working on This Week

In today's episode I talk about what I'm working on this week, including: Playing with Sliver C2 and pairing it with ShellcodePack Talking about Netexecer, my upcoming tool that helps automate some o...

28 Helmi 202525min

7MS #663: Pentesting GOAD SCCM

7MS #663: Pentesting GOAD SCCM

Today we live-hack an SCCM server via GOAD SCCM using some attack guidance from Misconfiguration Manager!  Attacks include: Unauthenticated PXE attack PXE (with password) attack Relaying the machine ...

21 Helmi 202529min

7MS #662: Pentesting Potatoes - Part 2

7MS #662: Pentesting Potatoes - Part 2

Hi friends, today we're talking about pentesting potatoes (not really, but this episode is sort of a homage to episode 333 where I went to Boise to do a controls assessment and ended up doing an impro...

14 Helmi 202537min

7MS #661: Baby's First Hetzner and Ludus – Part 2

7MS #661: Baby's First Hetzner and Ludus – Part 2

Today we continue our journey from last week where we spun up a Hetzner cloud server and Ludus.cloud SCCM pentesting range! Topics include: Building a Proxmox Backup Server (this YouTube video was s...

8 Helmi 202537min

7MS #660: Baby's First Hetzner and Ludus

7MS #660: Baby's First Hetzner and Ludus

I had an absolute ball this week spinning up my first Hetzner server, though it was not without some drama (firewall config frustrations and failing hard drives). Once I got past that, though, I got ...

1 Helmi 202534min

7MS #659: Eating the Security Dog Food - Part 8

7MS #659: Eating the Security Dog Food - Part 8

Today I'm excited about some tools/automation I've been working on to help shore up the 7MinSec security program, including: Using Retype as a document repository Leveraging the Nessus API to automat...

24 Tammi 202528min

7MS #658: WPA3 Downgrade Attacks

7MS #658: WPA3 Downgrade Attacks

Hey friends, today we cover: The shiny new 7MinSec Club BPATTY updates A talk-through of the WPA3 downgrade attack, complemented by the YouTube livestream

17 Tammi 202532min

Suosittua kategoriassa Politiikka ja uutiset

uutiscast
aikalisa
politiikan-puskaradio
viisupodi
ootsa-kuullut-tasta-2
rss-ootsa-kuullut-tasta
tervo-halme
rss-podme-livebox
rss-asiastudio
rss-pinnalla
otetaan-yhdet
rikosmyytit
the-ulkopolitist
linda-maria
rss-kaikki-uusiksi
rss-ulkopoditiikkaa
aihe
rss-hyvaa-huomenta-bryssel
rss-sanna-ukkola-show-verkkouutiset
rss-girls-finish-f1rst