This is a follow up of the ‘how to install the ELK stack on CentOS 8’. That is a basic setup with no security at all. There is no encryption, no username and password setup, nothing. Not even firewall rules to filter ports. And as it’s known security can’t only rely on one factor but on a combination of few. In this guide you will read about: - Setting up firewall rules for … [Read more...]

On a recent post I published about how to install an OSSEC server on Ubuntu I explained how this solution can help secure an infrastructure by deploying agents which report back to a central server. This is the second part of this server-client story. On this guide you will read about setting up agents and keys on the server side and how to install the agents on the client … [Read more...]

OSSEC is a host-based intrusion detection system (HIDS). It is specially well known for monitoring files that shouldn’t change on a system (such as critical system files, or binaries, etc) and warning administrators (or anyone you’d like) about those issues. But it does more such as rootkit detection and log analysis with a dedicated engine. Furthermore OSSEC is PCI … [Read more...]

CentOS is the free open source replica of the well known Red Hat Enterprise Linux (RHEL). With a very good reputation because of its stability and performance RHEL is nowadays the dominating GNU/Linux distribution in the enterprise environment. As a gift, in a similar fashion to Microsoft's Windows trial versions (without limits to the use), the CentOS operating system is … [Read more...]