RPM package creation for BRO IDS Deployments.

Basically, there are two ways to install BRO. One is to download the source and compile it for your machine. The other is to install BRO from a package. Compiling from source is a great option that allows for customization, but it can become problematic when deploying BRO on […]

Installing pf_ring on CentOS 7 using yum

PF_RING is software that installs a network socket allowing for “High-speed packet capture, filtering and analysis” https://www.ntop.org/products/packet-capture/pf_ring/. It is useful in applications where capturing a lot of network traffic is a requirement such as Snort or BRO IPS/IDS deployments. When possible, I use salt to manage pf_ring deployments but manual steps are condensed from the […]

Using a systemd.service file to control promiscuous mode automatically at boot

At some point while working on a Salt formula to deploy pfring, I got to a point where I wanted to set promiscuous mode on an interface automatically. I wasn’t exactly sure how to go about it on RHEL/CentOS 7. So many things have changed so I set out to do a quick google search. […]

My Home Lab Setup

There are many reasons why one may want to set up a home lab. For me, the reason is being able to mock up several different scenarios using different software stacks and play with hardware. If you want to set up a lab like I have, it requires ESXi as the hypervisor on physical hardware. However, you […]

Deploy Graylog using SaltStack Formulas

Deploy Graylog using SaltStack and supporting formulas. I’ve written a formula for deploying Graylog with additional Salt formulas for Elasticsearch and MongoDB, which support a Graylog install. Currently, this has only been deployed on CentOS 7, so the Salt states are pretty specific to CentOS and RHEL-based distros. There are plans to expand support […]

BRO and Fortinet Content Packs on Graylog Marketplace

Content Packs for Graylog. Lately, I have been working with Graylog a lot, so I decided to update a few items on GitHub and update their entries on the Graylog marketplace website. BRO content pack for Graylog: The BRO IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog […]

Replace rsync with lftp for remote file copies on Linux

Rsync is an awesome tool that I have used extensively. However, I think it is time to explore other tools that can replace some of what rsync has been doing for so many years. I’m not saying that you should never use rsync. What I am saying is there are other options and in some […]

Patching a Standalone ESXi host using the shell

Overview: As with any system running software, you are going to have to apply patches to it at some point, and VMware is no different. VMware recommends customers install all security patches to maximize the protection that VMware provides. For a list of all security patches, you can go here: https://my.vmware.com/group/vmware/patch#search. Log in with your myvmware […]

RedHat Subscription Management

Subscription Management using subscription-manager

Register a System: subscription-manager register --username <username> --password <password> --auto-attach

Disable managed yum repositories: subscription-manager config --rhsm.manage_repos=0

Enable a specific channel: subscription-manager repos --enable rhel-6-server-optional-rpms

Sync RHN Profile: rhn-profile-sync

From https://access.redhat.com/solutions/253273

Upgrading salt-minion on Windows using Salt

Upgrading the Salt Minion. For installation, follow the instructions on the saltstack website.

Upgrade the Windows salt-minion:

Log in to the salt-master server and cd to the files directory: cd /srv/salt/server-base/file

Download the latest version from the SaltStack website (https://repo.saltstack.com/): wget https://repo.saltstack.com/windows/Salt-Minion-2016.11.1-AMD64-Setup.exe

Copy the newest version out to all the Windows servers based on architecture: salt […]
