Apache | RobWillis.info

Apache Struts CVE-2018-11776 – Testing, Analyzing, & Detection

robwillisinfo — Fri, 31 Aug 2018 13:49:06 +0000

Intro Any time a new Apache Struts vulnerability comes out it should be taken pretty seriously as there are many “mission critical” systems that are leveraging the framework, with a considerable amount of them being public facing. Unfortunately, as a former Sys Ad I can tell you that many of these systems will go on […]

The post Apache Struts CVE-2018-11776 – Testing, Analyzing, & Detection first appeared on RobWillis.info.

ELK Stack – Installing and Configuring Curator

robwillisinfo — Thu, 16 Nov 2017 15:42:29 +0000

In this post I am going to quickly cover what is needed to get Curator up and running on the ELK stack. In the last few posts about the ELK stack I covered everything needed to get it installed, configured and ingesting logs reliably. If you missed those posts, you can find them here: ELK […]

The post ELK Stack – Installing and Configuring Curator first appeared on RobWillis.info.

ELK Stack – Tips, Tricks and Troubleshooting

robwillisinfo — Fri, 10 Nov 2017 02:55:43 +0000

This post is going to be a sort of a follow up to my ELK 5 on Ubuntu 16.04 series. I am going to cover some of the lessons I have learned over the last few months of maintaining a running ELK stack instance. I am also going to cover some one liners that can […]

The post ELK Stack – Tips, Tricks and Troubleshooting first appeared on RobWillis.info.

Exploiting Apache Struts – CVE-2017-9805

robwillisinfo — Sat, 16 Sep 2017 03:53:16 +0000

CVE-2017-9805 is yet another very legitimate vulnerability in the Apache Struts framework. In the video, I demonstrate how easy it is to run a simple public python script against a vulnerable remote server, ultimately resulting in a reverse shell back to the attacker. In this post, I will cover all the steps shown in the […]

The post Exploiting Apache Struts – CVE-2017-9805 first appeared on RobWillis.info.

ELK 5: Setting up a Grok filter for IIS Logs

robwillisinfo — Thu, 11 May 2017 14:47:05 +0000

In Pt. 3 of my setting up ELK 5 on Ubuntu 16.04 series, I showed how easy it was to ship IIS logs from a Windows Server 2012 R2 using Filebeat. One thing you may have noticed with that configuration is that the logs aren’t parsed out by Logstash, each line from the IIS log […]

The post ELK 5: Setting up a Grok filter for IIS Logs first appeared on RobWillis.info.

ELK 5 on Ubuntu 16.04

robwillisinfo — Fri, 21 Apr 2017 04:02:27 +0000

In this series of posts I am going to cover everything needed to get Elasticsearch, Logstash and Kibana (ELK) up and running on Ubuntu 16.04. In the videos I use the desktop version of Ubuntu, but the process should be the same on the server version. In addition to the ELK stack I will also […]

The post ELK 5 on Ubuntu 16.04 first appeared on RobWillis.info.

ELK 5 on Ubuntu: Pt. 3 – Installing and Configuring Beats Agents on Windows Clients

robwillisinfo — Fri, 21 Apr 2017 03:41:39 +0000

In the previous two posts I went over everything from installing Ubuntu to getting the ELK stack setup and ingesting logs from itself. Now in this final post in the series I am going to cover collecting Windows Event and IIS logs from remote Windows clients. Here is the quick run down of exactly what […]

The post ELK 5 on Ubuntu: Pt. 3 – Installing and Configuring Beats Agents on Windows Clients first appeared on RobWillis.info.

ELK 5 on Ubuntu: Pt. 2 – Installing and Configuring Elasticsearch, Logstash, Kibana & Nginx

robwillisinfo — Fri, 21 Apr 2017 01:28:42 +0000

In part one of this series, I went over the basics of installing and configuring Ubuntu 16.04. Now in this part, I am going to take that same VM and go over everything needed to create a functional ELK stack on a single server. By the end of this post the ELK stack will be […]

The post ELK 5 on Ubuntu: Pt. 2 – Installing and Configuring Elasticsearch, Logstash, Kibana & Nginx first appeared on RobWillis.info.

ELK 5 on Ubuntu: Pt. 1 – Installing and Configuring Ubuntu 16.04

robwillisinfo — Fri, 21 Apr 2017 00:31:34 +0000

In this post I am going to cover the steps needed to install and configure Ubuntu 16.04 Desktop as the base operating system for what is going to become the ELK Stack server. My intention with this first post is to help people running the ELK services on top of Windows be a little more […]

The post ELK 5 on Ubuntu: Pt. 1 – Installing and Configuring Ubuntu 16.04 first appeared on RobWillis.info.