For when I blow off bash from brew on OSX:
Saturday, August 21, 2021
Monday, July 19, 2021
Wazuh on Windows using docker
You can ignore the memory instructions athttps://documentation.wazuh.com/current/docker/wazuh-container.html and just bring up a git bash shell from https://git-scm.com/download/win
git clone https://github.com/wazuh/wazuh-docker.git - b v4.1.5 --depth=1
cd wazuh-docker
docker-compose up
You'll need to install an agent on the host and point it to localhost. Here's the command that the "Add agent" gives you for a privileged PowerShell:
Invoke-WebRequest -Uri https://packages.wazuh.com/4.x/windows/wazuh-agent-4.1.5-1.msi -OutFile wazuh-agent.msi; ./wazuh-agent.msi /q WAZUH_MANAGER='localhost' WAZUH_REGISTRATION_SERVER='localhost' WAZUH_AGENT_GROUP='default'
If the agent doesn't seem to register, do:
C:\Program Files (x86)\ossec-agent\agent-auth.exe' -m localhost
Check the log for errors etc via:
more 'C:\Program Files (x86)\ossec-agent\ossec.log'
If you need to remove an existing agent to try again, do:
msiexec.exe /x wazuh-agent.msi /qn
Tuesday, June 29, 2021
Wazuh on MacOS using docker.
https://documentation.wazuh.com/current/docker/wazuh-container.html
Works, but one has to use 127.0.0.1 for the host MacOS agent as docker for Mac only can listen to 127.0.0.1.
Monday, June 28, 2021
Wazuh on Windows
Download an OVA from: https://documentation.wazuh.com/current/virtual-machine/virtual-machine.html
Fire up VirtualBox and choose File, Import Appliance:
Find the file you downloaded:
Accept the settings and import:
Make sure you are using the Bridged Adapter. Start the VM it should look like:
The login is root/wazuh. You need to find the IP address via "ip a":
It's been my experience that elasticsearch doesn't always come up, so check via "systemctl status elastic.service". If it's not up, do "systemctl restart elastic.service" and check via status again.
Now, you should be able to get the login screen via your browser at https://<the IP address of the VM>. You will get the warning; this is one of the few times you should accept the risk as it's a VM on your own machine with a self-signed certificate.
You can now login to Wazuh with admin/admin
After some checks, you'll see the home screen. It shows zero agents, so you'll need to "Add agent".
This will give you a command you need to issue in PowerShell, which you have to run as administrator.
Paste the command, a number of shells will pop up briefly as the client is installed.
Now, you should be able to go to the Wazuh home screen and see that the agent is communicating.
A good place to start is the "Security configuration assessment" for the agent.
Sunday, January 31, 2021
Pointers to pages used getting Linux Mint all set up
Monday, December 14, 2020
DIY standup desk
I like standup desks and had a design rattling around in my noggin. Here is the parts list.
- 7, 1 in. Black Iron Floor Flange
- 3, 1 in. x 12 in. Black Iron Threaded Pipe
- 1, 1 in. x 18 in. Black Iron Threaded Pipe
- 28, #10 x 3/4 in. Zinc Plated Phillips Flat Head Wood Screw
- 1, 2 ft. x 4 ft. 3/4 in. hardwood ply (I used birch)
- 1, Universal Bracket Pole Mount with Removable 75mm and 100mm VESA Plate
I maximized the sheet of plywood by marking two triangles with 32 in. on the long side. That left small 16 in. triangles.
I clamped a guide on before cutting with a circular saw. I should have used a plywood blade, but I didn't have one laying around. It splintered a little, but not bad.
Here's the 18 in. pipe with the VESA clamp.
And the whole thing with a Pi 400.
Requried software
I work to do most things via the keyboard instead of the mouse. Having a clipboard manager is huge. Here are a few things I use.
Linux
MacOS
Also, I like information on the desktop.
- https://www.rainmeter.net/
- http://tracesof.net/uebersicht/
- https://github.com/brndnmtthws/conky/wiki
Subscribe to:
Posts (Atom)