OSSIM Download – Open Source SIEM Tools & Software


Infosec News Ireland

OSSIM is a popular Open Source SIEM or Security Information and Event Management (SIEM) product, providing event collection, normalization and correlation.

OSSIM stands for Open Source Security Information Management. It was launched in 2003 by security engineers because of the lack of available open source products. OSSIM was created specifically to address the reality many security professionals face: a SIEM, whether it is open source or commercial, is virtually useless without the basic security controls necessary for security visibility.

What is OSSIM Security Information and Event Management System

As a SIEM system, OSSIM is intended to give security analysts and administrators a view of all the security-related aspects of their system by combining log management, asset management and discovery with information from dedicated information security controls and detection systems. This information is then correlated to create context that is not visible from one piece alone.

OSSIM performs…

View original post 278 more words

All You Need To Know About Configuration Management Tools For DevOps Engineer.


Linux_Point

Configuration Management Tools for DevOps

DevOps   is a combination of software development and operations — and as its name suggests, it’s a melding of these two disciplines in order to emphasize communication, collaboration, and cohesion between the traditionally separate developer and IT operations teams.

In the past, maintaining IT infrastructure, deploying applications, and provisioning environments involved many manual, iterative tasks. But in today’s DevOps platform, true automation of these tasks has arrived. The benefits of automated configuration management range from time savings to elimination of human error.

View original post 895 more words

Nagios – Install and configure on Centos 7


Youshared

Nagios is an awesome open source monitoring tool. It provides you with a more comprehensive monitoring environment to always keep an eye on all your machines and networks, whether you are in your data center or just your small lab.

With Nagios, you can monitor your remote hosts and their services remotely on a single window. It shows warnings and indicates if something goes wrong in your servers which eventually helps us to detect some problems before they occur. It helps us to reduce downtime and business losses.

Prerequisites:

  • Install and configure Apache httpd – (Click here for reference)
  • Install and configure PHP – (Click here for reference)

Scenario:

Server 1 – http://www.server.world (192.168.0.101) (Nagios installed on this server)

Server 2 – dlp.server.world (192.168.0.100) (needs to be monitored using Nagios)

Server 3 – exm.server.world (192.168.0.110) (needs to be monitored using Nagios)

Server 4 – mail.server.world (192.168.0.103) (…

View original post 169 more words

Monitor your network with zabbix


MY TECH

This tutorial describes Zabbix installation and adding a Cisco switch via SNMP.

Zabbix is an enterprise open source monitoring solution for networks and applications developed by Alexei Vladishev. It is software that monitors numerous parameters of a network and the health and integrity of servers.

A web-based frontend ensures that the status of your network and the health of your servers can be assessed from any location.

Zabbix server is compiled with support for the following:

  • SNMP;
  • IPMI;
  • Web monitoring;
  • SSH2;
  • IPv6.

First, you can download the Zabbix appliance from this link: http://www.zabbix.com/download

View original post 278 more words

[Reverse proxy] – HAProxy vs Nginx


Information Technology News

1. Introduction

Load balancing is the even distribution of traffic between two or more servers that have the same function in the same system. Doing so helps the system minimize, as far as possible, the state of a server, or even of a datacenter. It is an extremely important part of managing access.

There are many tools for handling load balancing. On the server side, two tools stand out: HAProxy and nginx.

There are some very interesting characteristics of an LB:

  • It is one of the most important components for monitoring the system
  • It is the only position from which the administrator can see the services behind it
There are…

View original post 1,255 more words

[pfSense] – HA with pfSense


Information Technology News

Today I will introduce you to an article about HA on pfSense.

First, let's find out what HA on pfSense is.

High Availability means that servers and devices of this kind are always ready to serve, and users do not notice malfunctions or failures that cause interruptions. To ensure this, there is at minimum a pair of machines or devices running in parallel and in constant communication with each other; when the primary fails, the secondary knows immediately and automatically takes over.

Usually these groups of servers are called a “CARP cluster”, but CARP is only one part. High Availability is achieved by using a combination of several related techniques, including CARP, state synchronization (pfsync), and configuration synchronization (XMLRPC…

View original post 729 more words

[Linux] – FreeRadius on Centos


Information Technology News

Install FreeRADIUS and Daloradius on CentOS 7 and RHEL 7
Prerequisites:
Install httpd server
# yum -y update

# yum groupinstall "Development Tools" -y

# yum -y install httpd httpd-devel
Start and enable httpd server
# systemctl enable httpd

# systemctl start httpd

Installing and Configuring MariaDB
We’ll install and configure MariaDB 10, using steps below:
Add MariaDB official repo content to CentOS 7 system
# vim /etc/yum.repos.d/MariaDB.repo
Add the following contents to the file
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.1/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
Update system and install MariaDB to configure Database server
# yum -y update
# yum install -y mariadb-server mariadb

Start and enable MariaDB to run on boot
# systemctl start mariadb
# systemctl enable mariadb

Check if running and if enabled
[root@radius ~]# systemctl status mariadb

[root@radius ~]# systemctl is-enabled mariadb.service

enabled
Configure initial MariaDB settings to secure it. Here you’ll set root password. For security…

View original post 1,137 more words

Zabbix – SQL Injection


PenTesting Blog

Zabbix is an enterprise-class open source distributed monitoring solution. Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Properly configured, Zabbix can play an important role in monitoring IT infrastructure.

Vulnerability Overview:

Zabbix suffers from a remote SQL injection vulnerability in the jsrpc.php page or api_jsonrpc.php page.

Proof of Concept:

  • Result:
  1. Example 1
  2. Example 2

To decrypt the MD5 password, we can use https://hashkiller.co.uk/md5-decrypter.aspx

Now, we can access with admin/C1secret!

and ….

View original post
