Tag: security
-
ELK 5 on Ubuntu 16.04
In this series of posts I am going to cover everything needed to get Elasticsearch, Logstash and Kibana (ELK) up and running on Ubuntu 16.04. In the videos I use the desktop version of Ubuntu, but the process should be the same on the server version. In addition to the ELK stack I will also…
Written by
-
ELK 5 on Ubuntu: Pt. 3 – Installing and Configuring Beats Agents on Windows Clients
In the previous two posts I went over everything from installing Ubuntu to getting the ELK stack setup and ingesting logs from itself. Now in this final post in the series I am going to cover collecting Windows Event and IIS logs from remote Windows clients. Here is the quick run down of exactly what…
Written by
-
ELK 5 on Ubuntu: Pt. 2 – Installing and Configuring Elasticsearch, Logstash, Kibana & Nginx
In part one of this series, I went over the basics of installing and configuring Ubuntu 16.04. Now in this part, I am going to take that same VM and go over everything needed to create a functional ELK stack on a single server. By the end of this post the ELK stack will be…
Written by
-
ELK 5 on Ubuntu: Pt. 1 – Installing and Configuring Ubuntu 16.04
In this post I am going to cover the steps needed to install and configure Ubuntu 16.04 Desktop as the base operating system for what is going to become the ELK Stack server. My intention with this first post is to help people running the ELK services on top of Windows be a little more…
Written by
-
Stopping Bots and Website Scrapers from scanning your sites on IIS with URL Rewriteโฆ
Bots and Website Scrapers can be a serious annoyance to anyone who is responsible for administering a website and the more sites and servers you are responsible the more of a problem it can become. Every request a bot or scraper makes requires some amount of resources on the web server hosting the site, the…
Written by
-
Metasploit Framework basics on Kali Linux – Owning a Windows Server
In this post I want to talk about the basics of using the Metasploit Framework that is included on the latest version of Kali Linux. If you don’t already know the Metasploit Framework is a project that makes writing and utilizing exploits relatively easy and it’s components are very modularized. Metasploit has everything you need…
Written by
-
Modifying HTTP Response Headers in IIS 8 with URL Rewrite
If you have ever scanned your own site or a site you are responsible for you may have noticed that web servers sometimes tend to give out more information about themselves than is really needed. This information can also be used by an attacker to then target the specific versions of software the server is…
Written by
-
Android IP Security Cam with Motion Detection and Recording!
So I recently switched carriers (Sprint is awesome!) and picked up a Samsung Galaxy Note 2. Surprisingly my previous phone, a Motorola Droid 3, made it the whole 2 yrs and still worked perfectly. Normally I just sell my old phone on ebay or something and use that money to pay for my new phone.…
Written by
-
IIS 7/7.5 Hardening SSL TLS – Windows Server 2008 R2
One of the first steps you should do when deploying a new public facing web server is hardening your server’s SSL/TLS connections. Disabling vulnerable protocols, ciphers, hashes and key exchange algorithms can help mitigate the now more common exploits like the BEAST attack. By default many weaker technologies are enabled, leaving IIS traffic vulnerable and…
Written by
