Powered By TEKGENX CONSULTING
Views: 27Intrusion Detection System (IDS) IDS is a passive monitoring solution for detecting possible malicious activities/patterns, abnormal incidents, and policy violations. It is responsible for generating alerts for each suspicious event. There are two main types of IDS systems; Intrusion Prevention System (IPS) IPS is an active protecting solution for preventing possible malicious activities/patterns, abnormal incidents, and policy violations. … Read more
Views: 67Splunk Search Processing Language comprises of multiple functions, operators and commands that are used together to form a simple to complex search and get the desired results from the ingested logs. Main components of SPL Search Field Operators Comparison Operators These operators are used to compare the values against the fields. Field Name Operator … Read more
Views: 23Shipping OPNsense firewall logs to Splunk centralizes log management, allowing for seamless consolidation with other network and system logs. This integration enhances visibility into network traffic, enabling the identification of threats like port scans, malware communication, or brute force attacks. By correlating OPNsense logs with logs from other sources, organizations can perform faster root … Read more
Views: 50Link to the TryHackMe Room; https://tryhackme.com/r/room/servidae Room Objectives: In this room, we will analyze the log data from a compromised workstation using the Kibana interface. Within this room’s tasks, we will explore the components of the Elastic (ELK) Stack and gain insights into the various search and filter functions available in Kibana. Our ultimate … Read more
Views: 39Understanding Logs in Infrastructure Systems Logs and Their Role Log Analysis What Are Logs? Definition Log Entry Components Sample Log Analysis Importance of Logs 1. System Troubleshooting 2. Cybersecurity Incident Response 3. Threat Hunting 4. Compliance Types of Logs in Computing Environments Integrative Analysis Data Visualization Data visualization tools, such as Kibana (of the … Read more
Views: 8Splunk Search & Reporting App Overview The Search & Reporting App is the primary interface on Splunk’s Home page used for searching and analyzing data. This app provides several essential functionalities to enhance the search experience for analysts. Search & Reporting App is the default interface used to search and analyze the data on the Splunk Home … Read more
Views: 61Step-by-Step Guide to Install MISP Using Docker on Ubuntu In this guide, we will walk through the steps to install the MISP (Malware Information Sharing Platform) using Docker on an Ubuntu server. Prerequisites Before we begin, make sure your system meets the following requirements: Step 1: Update Your Server and Install Docker First, ensure … Read more
Views: 16Code Obfuscation is a technique used to make a script more difficult to read by humans but allows it to function the same from a technical point of view, though performance may be slower. This is usually achieved automatically by using an obfuscation tool, which takes code as an input, and attempts to re-write … Read more
Views: 23Reference: TryHackMe Room “Core Windows Processes” Core Windows Processes Understanding how the Windows operating system functions as a defender is vital. Task Manager doesn’t show a Parent-Child process view. That is where other utilities, such as Process Hacker and Process Explorer, come to the rescue. Process Hacker Process Explorer Command-line equivalent of obtaining information about the running … Read more
