Posts

Showing posts from September, 2024

Step-by-step setup of Wazuh SIEM/FIM tools on Ubuntu Server

FIM -- File integrity monitoring
SIEM -- Security Information and Event Management

Server and client on the same network

Hardware configuration: 4 CPU and 8/16GB RAM required

1. sudo apt update
2. curl -sO https://packages.wazuh.com/4.7/wazuh-install.sh && sudo bash ./wazuh-install.sh -a --ignore-check

   systemctl daemon-reload
   systemctl enable wazuh-manager
   systemctl start wazuh-manager
   systemctl daemon-reload
   systemctl enable wazuh-dashboard
   systemctl start wazuh-dashboard

   timedatectl list-timezones
   sudo timedatectl set-timezone Asia/Kolkata

   User: admin
   Password: nKRW5.IuBfTXOtcRDLQ1JRx?1Ef.17P?

3. With this, your Wazuh server is ready. Copy the provided credentials from the terminal, enter the server IP into your browser, and proceed to log in. Navigate to  htt...

How to install and configure OSSEC server and client

sudo timedatectl set-timezone Asia/Calcutta

1. sudo apt-get update && sudo apt-get upgrade -y
2. sudo apt-get install build-essential libevent-dev zlib1g-dev libssl-dev unzip wget -y
3. sudo apt-get install libpcre2-dev
4. sudo apt-get install libsystemd-dev
5. wget https://github.com/ossec/ossec-hids/archive/3.7.0.tar.gz
6. tar -xvzf 3.7.0.tar.gz
7. cd ossec-hids-3.7.0
8. sudo ./install.sh
9. sudo /var/ossec/bin/ossec-control start

Configure OSSEC

nano /var/ossec/etc/ossec.conf

Update the section below:

<global>
    <email_notification>yes</email_notification>
    <email_to>root@localhost</email_to>
    <smtp_server>127.0.0.1</smtp_server>
    <email_from>ossecm@localhost</email_from>
</global>

<global>
    <emai...