Author: Admin

Wazuh – Vulnerability Scanning on Windows & Linux

Posted on by Admin

#vulnerability #vulnerabilitydetection #wazuh

How to Setup Vulnerability Scanning – Windows & Linux. Scan for Vulnerabilities and discover the weaknesses of a given system with open source tool Wazuh.
Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.

Feature Like

  • Security Analytics
  • Intrusion Detection
  • Log Data Analysis
  • File Integrity Monitoring
  • Vulnerability Detection
  • Configuration Assessment
  • Incident Response
  • Regulatory Compliance
  • Cloud Security
  • Container Security

Wazuh – https://wazuh.com/
Wazuh Ova Download (Version 3.12) – https://documentation.wazuh.com/3.12/
Wazuh Agent Download – https://documentation.wazuh.com/3.12/…
Wazuh Setup Video – https://youtu.be/WqQUIz5XRpQ

UpBrightSkills Blogs – https://www.upbrightskills.com/
Go Language Programs – https://www.golangprograms.com/

Wazuh – How to Get Started

Posted on by Admin

Setup Guide for Wazuh – How to get Started with Wazuh. Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.

Feature Like

  • Security Analytics
  • Intrusion Detection
  • Log Data Analysis
  • File Integrity Monitoring
  • Vulnerability Detection
  • Configuration Assessment
  • Incident Response
  • Regulatory Compliance
  • Cloud Security
  • Container Security

Wazuh – https://wazuh.com/

Wazuh Ova Download (Version 3.12) – https://documentation.wazuh.com/3.12/installation-guide/virtual-machine.html

Wazuh Agent Download – https://documentation.wazuh.com/3.12/installation-guide/packages-list/index.html#packages

For More videos go to – https://www.youtube.com/channel/UCIUmpO3KBHPMtgzMA6p0IhA

Automate – Docker Installation

Posted on by Admin 
#!/bin/bash

# Note : For Docker Setup

#OS Update:	
sudo apt-get update -y;
sudo apt-get install gdebi -y;
sudo apt-get install vim -y;
sudo apt-get install nano -y;
sudo apt-get install htop -y;

#Install SSH:
sudo apt-get install openssh-server -y;

#Remove Libre Office:
sudo apt-get remove --purge libreoffice* -y;
sudo apt-get clean;
sudo apt-get autoremove;

#Git
sudo add-apt-repository ppa:git-core/ppa;
sudo apt-get update -y;
sudo apt-get install git -y; 

#sudo add-apt-repository ppa:n-muench/programs-ppa2;
sudo add-apt-repository ppa:n-muench/programs-ppa;
sudo apt-get update -y;
sudo apt-get install -y filezilla;	
sudo apt-get install -y sublime-text;
sudo apt-get install -y chromium-browser;

#Essential Pack	
sudo apt-get install -y synaptic vlc gimp gimp-data gimp-plugin-registry gimp-data-extras bleachbit unrar zip unzip;	

#Samba
sudo apt-get install -y samba system-config-samba cifs-utils;

#Docker Installation
sudo curl -fsSL get.docker.com -o get-docker.sh >/tmp/docker
chmod +x /tmp/docker/get-docker.sh
sudo /tmp/docker/get-docker.sh

#Install Docker Machine
sudo curl -L https://github.com/docker/machine/releases/download/v0.14.0/docker-machine-`uname -s`-`uname -m` >/tmp/docker-machine && \
sudo install /tmp/docker-machine /usr/local/bin/docker-machine

#Install Docker Compose
sudo curl -L https://github.com/docker/compose/releases/download/1.20.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

For More videos go to – https://www.youtube.com/channel/UCIUmpO3KBHPMtgzMA6p0IhA

Automate Installation – CentOS with Lamp Stack

Posted on by Admin

One Click Installation

This will configure WebServer with up httpd, mysql, ftp, php, samba.

#!/bin/bash

#IPTables
service iptables stop
chkconfig iptables off

#SELinux Disable - Completely
setenforce 0
SELINUX=disabled
sed -i 's/SELINUX= .*/SELINUX= '${SELINUX}'/' /etc/selinux/config

#Update
yum insall -y update
yum install -y upgrade

#Install httpd
yum install -y httpd
service httpd start
chkconfig httpd on

#Install MySQL Server 5.7
wget https://dev.mysql.com/get/mysql57-community-release-el6-11.noarch.rpm
rpm -ivh mysql57-community-release-el6-11.noarch.rpm
yum clean all
yum install -y mysql mysql-server php-mysql
service mysqld start
chkconfig mysqld on

#Add EPEL Repository
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -ivh epel-release-6-8.noarch.rpm

#Install PHP
yum install -y php php-gd php-mysql php-mcrypt

#Create info.php
cat << EOF > /var/www/html/info.php;

EOF

#HTTPD php.ini - /etc/php.ini
max_execution_time=18000
memory_limit=2048M
upload_max_filesize=32M
sed -i.orignal 's/memory_limit = .*/memory_limit = '${memory_limit}'/' /etc/php.ini
sed -i 's/max_execution_time = .*/max_execution_time = '${max_execution_time}'/' /etc/php.ini
sed -i 's/upload_max_filesize = .*/upload_max_filesize = '${upload_max_filesize}'/' /etc/php.ini

#Install and Configure FTP
yum install -y vsftpd
service	vsftpd start
chkconfig vsftpd on

#Change Owner of HTML Folder (This is for the permission to FTP and Samba)
chown -R ftp_user:ftp_users /var/www/html

#FTP Config vsftpd.conf - /etc/vsftpd/vsftpd.conf (Change configuration file directly with SED Command)
sed -i.orignal 's/anonymous_enable=YES/anonymous_enable=NO /etc/vsftpd/vsftpd.conf
sed -i 's/local_enable=YES/local_enable=NO/' /etc/vsftpd/vsftpd.conf

#FTP User
useradd -s /sbin/nologin -d /var/www/html ftp_user
groupadd ftp_users
usermod -aG ftp_users ftp_user
chown -R root:ftp_users /var/www/html
passwd ftp_user

#Samba configuration (Optional - If required can be installed)
yum install -y samba samba-client samba-common
service smb start
mv /etc/samba/smb.cnf /etc/samba/smb.cnf.bak
chkconfig smb on
echo -e "path= /var/www/html/ \npublic=no \nbrowsable = no \nwritable = yes \nprintable = no \write list = @ftp_users" >> /etc/samba/smb.conf
service smb restart
smbpasswd -a ftp_user

For More videos go to – https://www.youtube.com/channel/UCIUmpO3KBHPMtgzMA6p0IhA

Automate Installation – Ubuntu with JDK & Tomcat

Posted on by Admin

Update OS and Install required packages


apt-get update -y;
apt-get install gdebi -y;
apt-get install vim -y;
apt-get install nano -y;
apt-get install htop -y;
apt-get install unzip -y;
apt-get install python -y;

Install JDK

apt-get install default-jdk -y;
add-apt-repository ppa:webupd8team/java -y;
apt-get update -y;

Install Mysql | Kindly update password


sudo debconf-set-selections <<< 'mysql-server-5.7 mysql-server/root_password password password' 
sudo debconf-set-selections <<< 'mysql-server-5.7 mysql-server/root_password_again password password' 
apt-get -y install mysql-server-core-5.7 mysql-server-5.7 mysql-client-5.7;
service mysql start;

Install AWS CLI on Linux


curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip"
unzip awscli-bundle.zip
./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws

Tomcat Installation (Update the Version which is required by your application)


groupadd tomcat
useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat
cd /tmp/
curl -O http://redrockdigimark.com/apachemirror/tomcat/tomcat-8/v8.5.30/bin/apache-tomcat-8.5.30.tar.gz 
mkdir /opt/tomcat
tar xzvf apache-tomcat-8.5.30.tar.gz -C /opt/tomcat --strip-components=1
cd /opt/tomcat 
chgrp -R tomcat /opt/tomcat
chmod -R g+r conf
chmod g+x conf
chown -R tomcat webapps/ work/ temp/ logs/
update-java-alternatives -l

Create Service for Tomcat


touch /etc/systemd/system/tomcat.service
cd /etc/systemd/system/

Service File Update (File – /etc/systemd/system/tomcat.service)


cat <> tomcat.service;
[Unit]
Description=Apache Tomcat Web Application Container
After=network.target

[Service]
Type=forking

Environment=JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre
Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat
Environment=CATALINA_BASE=/opt/tomcat
Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC'
Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom'

ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh

User=tomcat
Group=tomcat
UMask=0007
RestartSec=10
Restart=always

[Install]
WantedBy=multi-user.target
EOF

Start Service


systemctl daemon-reload
systemctl start tomcat
systemctl enable tomcat

Add User for Tomcat Manager (Change your Username and Password as per your needs)


sed -i '22i\' /opt/tomcat/conf/tomcat-users.xml

Allow IP Address for Accessing Tomcat Manager App


cp /opt/tomcat/webapps/manager/META-INF/context.xml /opt/tomcat/webapps/manager/META-INF/context.orignal.xml
cp /opt/tomcat/webapps/host-manager/META-INF/context.xml /opt/tomcat/webapps/host-manager/META-INF/context.original.xml

Delete line number 19 to 21 (File – /opt/tomcat/webapps/manager/META-INF/context.xml)


sed -i '18,20d' /opt/tomcat/webapps/manager/META-INF/context.xml

Add below lines in between i.e 19,20 and 21 number. (File – /opt/tomcat/webapps/manager/META-INF/context.xml)


sed -i '18i\' /opt/tomcat/webapps/manager/META-INF/context.xml
sed -i '19i\'  /opt/tomcat/webapps/manager/META-INF/context.xml #kindly update IP Address

Delete line number 19 to 21 (File – /opt/tomcat/webapps/host-manager/META-INF/context.xml)


sed -i '18,20d' /opt/tomcat/webapps/host-manager/META-INF/context.xml

Add below lines in between i.e 18,19 and 20 number. (File – /opt/tomcat/webapps/host-manager/META-INF/context.xml)


sed -i '18i\' /opt/tomcat/webapps/host-manager/META-INF/context.xml
sed -i '19i\'  /opt/tomcat/webapps/host-manager/META-INF/context.xml #kindly update IP Address

Remove version string from HTTP error messages


cd /opt/tomcat/lib
jar xf catalina.jar /opt/tomcat/lib/org/apache/catalina/util/ServerInfo.properties
sed -i '16,17d' /opt/tomcat/lib/org/apache/catalina/util/ServerInfo.properties
sed -i '16i\server.info=Apache Tomcat' /opt/tomcat/lib/org/apache/catalina/util/ServerInfo.properties
jar uf catalina.jar org/apache/catalina/util/ServerInfo.properties
rm -rf /opt/tomcat/lib/org

Move unwanted Folders from WebApps Folder to Tmp


mv /opt/tomcat/webapps/examples /tmp
mv /opt/tomcat/webapps/docs /tmp

For More videos go to – https://www.youtube.com/channel/UCIUmpO3KBHPMtgzMA6p0IhA

Best Practices – To be Cyber Safe

Posted on by Admin
  • Change Password of your important accounts frequently (Banking, Email Accounts, Social Media Accounts). 
  • Use Strong password.
  • Different password for different accounts.
  • Do not click on any unwanted links. There are many links getting circulated on Email, WhatsApp or any other platforms.
  • Avoid Net Banking / Phone banking – Until it is absolutely necessary.
  • Temporarily Disabling – UPI based transaction.
  • Do not link multiple Bank Accounts with Payment Apps like – Google Pay, Amazon Pay, Paytm etc. 
  • Use – Trusted Computer for transaction, online banking.
  • Use – Trusted Network (Wi-Fi) connection for transaction & online banking.
  • If you have multiple bank accounts, then it is recommended to use Online transaction / UPI linking with bank account which has minimum account balance. (for example, 5K or 10K). This is to reduce the risk of loss.
  • Disable Online banking for the accounts where it is not required. 12. Social Media Accounts – Secure those accounts where no one can see your personal information.
  • Enable 2-Factor Authentication wherever possible.
  • Remove Unwanted Apps from your Phone / PC.
  • Do not install any application if you don’t trust.
  • Keep your phone and system updated with latest patches.
  • Remove Apps which collects and stores your Data. Read Agreement before installation or giving permission to application.
  • Keep yourself updated with Cyber threat news. You can subscribe to any websites.