How to Install and Configure AlienVault HIDS Agent on a Linux Host

In this tutorial, we are going to learn how to install and configure AlienVault HIDS (Host Intrusion Detection) agents on a Linux as well as a Windows system. AlienVault uses OSSEC HIDS agents for Host Intrusion Detection. To actively monitor all aspects of system activity: file integrity monitoring, log monitoring, rootcheck, and process monitoring, OSSEC agents that collect all these...

Import Assets to AlienVault USM/OSSIM using a CSV file

In this article, we are going to learn how to import assets to AlienVault USM/OSSIM using a CSV file. The assets in this case refer to hosts, servers, routers, or any other device or endpoint you want to monitor for HIDS, NIDS, file integrity, vulnerability using AlienVault USM/OSSIM server. In our previous article, we learned how to install and set up...

How to install and configure AlienVault OSSIM 5.5 on VirtualBox

In this tutorial, we are going to learn how to install and set up AlienVault OSSIM 5.5 SIEM on VirtualBox. If you are a Blue Team security analyst, in one way or another you must have heard of or interacted with not one, not two SIEM (Security Information and Event Management) solutions. Well, AlienVault is one of the leading SIEM...

How to Add and Scan a Target for Vulnerabilities on OpenVAS Scanner

In our previous article, we discussed how to install and set up OpenVAS Vulnerability Scanner on Ubuntu 18.04. In this tutorial, we are going to learn how to add and scan a target host for any vulnerability using OpenVAS Scanner. Want to use PostgreSQL database with OpenVAS 9 instead of the default SQLite? See the link below on how to configure OpenVAS...

How to Install and Setup OpenVAS 9 Vulnerability Scanner on Ubuntu 18.04

Hello there. In this guide, we will be learning how to install and set up OpenVAS 9 Vulnerability Scanner on Ubuntu 18.04. OpenVAS is the world's most advanced Open Source vulnerability scanner and manager. It is a software framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. It executes the actual Network...

How to enable Secure Shell (SSH) server on OPNsense

In this tutorial, we are going to learn how to enable the SSH server on OPNsense. So you have installed OPNsense and are able to log in via the web GUI, but login via SSH is timing out? # ssh -v [email protected] OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g 1 Mar 2016 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Connecting to 192.168.10.23...

How to Enable Ping response On IBM QRadar SIEM

In this tutorial, we are going to learn how to enable the ICMP ping response on QRadar SIEM. So you have installed IBM QRadar SIEM and are trying to verify its connectivity using the ping command, but you realized that ICMP ping requests are being dropped? Well, this happens because by default, QRadar SIEM drops all ICMP traffic received on the management...

How To Reset Or Recover Root Password On OPNsense

So for some reason you just forgot the root password for your OPNsense router/firewall and you are now locked out and don't know what to do? Relax, as in this article we will show you how to reset or recover the root password on OPNsense from single user mode. You can also check our previous guide on how to install OPNsense...

How to Install OPNsense on VirtualBox

In this tutorial, we are going to learn how to install OPNsense on VirtualBox. OPNsense is an open-source, FreeBSD-based fork of the pfSense software that provides firewall and routing features. It is developed by Deciso, a company in the Netherlands. Some of the common features offered by OPNsense include: traffic shaping, forward caching proxy, intrusion detection and prevention, two-factor authentication ...

How to Fix QRadar CE failing Gluster 3.8 repos on CentOS-7.3

In our previous article, we learnt how to install IBM QRadar Community Edition on VirtualBox. Installation of QRadar CE 7.30 on CentOS 7 may fail with the error "One of the configured repositories failed (CentOS-7 - Gluster 3.8) and yum doesn't have enough cached data to continue". As a result, this guide presents a simple way on how...