NetwerkLABS

Remotely Upgrading Wazuh Agents – CLI Method

To upgrade agents using the command line, use the agent_upgrade tool as follows: List all the agents with outdated software: /var/ossec/bin/agent_upgrade -l [root@wazuh-server wazuh-user]# /var/ossec/bin/agent_upgrade -lID Name Version 001 zyberpatrol-pdc Wazuh v4.7.1…

Bharath Narayanasamy

BIG-IP LTM

L4 – L7 Load Balancing

Load Balancers Despite the name, a Load Balancer does not only balance the load: some of its core functionalities are: Load Balancing: of course, it has a way to determine…

Bharath Narayanasamy

BIG-IP LTM

BIG-IP LTM: Deployment Models

Deployment Methods One-armed Deployment Two-armed Deployment nPath or Direct Server Response (DSR) Deployment One-Arm Deployment In one-arm deployment, the load balancer is not physically in line of the traffic, which…

Bharath Narayanasamy

BIG-IP LTM

BIG-IP LTM: Load Balancing Methods

Bharath Narayanasamy

Threat Intelligence

Threat Intelligence for SOC

Threat Intelligence is the analysis of data and information using tools and techniques to generate meaningful patterns to mitigate against potential risks associated with existing or emerging threats targeting organisations,…

Bharath Narayanasamy

Threat Hunting Threat Detection and Incident Response

Threat Detection: Detecting a Webserver Attack

LAB Setup Let's use the DIWA ( Deliberately Insecure Web Application) vulnerable created by Tim Steufmehl , to setup the victim machine. Prepare a Linux machiine with Docker installed. Follow the…

Bharath Narayanasamy

Threat Intelligence

Detection Engineering vs Threat Hunting

DETECTION ENGINEERING: REINFORCING THE KNOWN Threat detection is the process of identifying threats in an organization that is actively trying to attack the endpoints, networks, devices and systems. Unlike threat…

Bharath Narayanasamy

PROTECT

Linux System Hardening

Create a GRUB password grub2-mkpasswd-pbkdf2 PBKDF2 stands for Password-Based Key Derivation Function 2. It is important to note that adding a password for GRUB is not available for systems deployed using cloud…

Bharath Narayanasamy

SOC Analyst Threat Detection and Incident Response Intrusion Detection and Response

DFIR: Linux File System Analysis

Bharath Narayanasamy

Threat Hunting

Yara 101

YARA is a powerful pattern-matching tool and rule format used for identifying and classifying files based on specific patterns, characteristics, or content. SOC analysts commonly use YARA rules to detect and…

Bharath Narayanasamy