Creating a Proxmox VE Cluster

Creating a Proxmox VE Cluster Overview Forming a Proxmox VE cluster allows you to manage multiple nodes under one interface, enabling advanced features like High Availability (HA) and centralized resource management. Below is a step-by-step guide on how to create and join nodes to a Proxmox cluster. Step 1: Prepare Each Node Log in to every Proxmox node you intend to include in the cluster (via the web interface or SSH). Verify that each node has a valid hostname, IP address, and consistent network configuration. It is often advisable to place cluster communication on a dedicated VLAN or network segment for reliability and security. Step 2: Create the Cluster on the First Node Select the Initial Node Log in to the node you want to designate as the primary or initial cluster node. ...

March 21, 2025 · 3 min

Wazuh Rule Suppression Made Easy: A Practical Guide to Custom Rules

How to Suppress Alerts in Wazuh Wazuh is a powerful open-source security platform for threat detection and response. Sometimes, you may need to suppress specific alerts that are not relevant to your environment. This guide walks you through the steps to suppress a rule in Wazuh effectively. Step-by-Step Guide to Suppress a Rule in Wazuh 1. Log in to Wazuh Open your web browser and navigate to your Wazuh dashboard. Log in with your credentials to access the management interface. ...

March 19, 2025 · 4 min

How to Set Up OPNsense in Virt Manager

How to Set Up an OPNsense Virtual Machine Using Virt-Manager If you’re looking to set up an OPNsense firewall in a virtualized environment using Virt-Manager, this step-by-step guide will help you get started. OPNsense is a powerful open-source firewall and routing platform, and running it on a virtual machine can offer significant flexibility for testing, deployment, and customization. Step 1: Download the OPNsense ISO First, head over to the OPNsense Download Page. ...

March 12, 2025 · 3 min

How to Install and Set Up OPNsense With IDS in Virt Manager

How to Install and Set Up OPNsense with IDS in Virt-Manager What is OPNsense? OPNsense is an open-source, easy-to-use, and powerful firewall and routing platform. It is based on FreeBSD and designed to offer enterprise-grade features with a user-friendly interface. OPNsense supports features like VPN, intrusion detection, traffic shaping, and advanced routing options. It’s widely used for securing network environments in both small businesses and enterprise networks. What is an Intrusion Detection System (IDS)? An Intrusion Detection System (IDS) is a security tool that monitors network or system activities for malicious activities or policy violations. The primary function of an IDS is to detect attacks and unauthorized access attempts by analyzing traffic patterns, logs, and system behavior. If suspicious activity is detected, the IDS generates alerts to notify the network administrator. IDS systems can be signature-based, anomaly-based, or a combination of both. ...

February 17, 2025 · 4 min

Cicada HTB Walkthrough

Cicada HTB Walkthrough Step 1: Initial Enumeration with Nmap The first step in attacking Cicada HTB is performing an Nmap scan to identify open ports and running services. sudo nmap -sV -sC -oA nmap/cicada 10.10.11.35 Nmap Results The scan revealed several open ports, including: LDAP (389, 636, 3268, 3269) SMB (445) Kerberos (88) MSRPC (135, 593) DNS (53) This indicates an Active Directory (AD) environment, which suggests possible attacks related to SMB, Kerberos, and LDAP. ...

February 15, 2025 · 2 min

Streamlining IT Workflows: How to Set Up a FOG Server for Enterprise-Grade Imaging and Deployment

How to Set Up FOG Server for Windows 10 Imaging and Deployment This guide walks you through installing and configuring a FOG (Free Open-source Ghost) server to capture and deploy Windows 10 images across networked machines. Prerequisites Before starting, ensure you have the following: Windows Server 2019 with the DHCP Server role enabled. Ubuntu Server (20.04 LTS or later) for hosting FOG. Two Windows 10 Client Machines: Reference Machine: To capture the base Windows 10 image. Target Machine: To deploy the captured image. All devices must be on the same network. Step 1: Install FOG on Ubuntu Server 1. Install Git Open a terminal on your Ubuntu server and run: ...

February 2, 2025 · 3 min

Setting Up BitLocker With Windows AD

What is BitLocker? BitLocker is a tool used to encrypt Windows computers. It can use a password, a PIN, and/or the TPM in your computer. This is useful in case your computer gets stolen or someone tries to boot from another drive. It ensures that if someone inserts a USB flash drive with Linux on it, the attacker can’t read the files on the Windows drive or, more importantly, access the SAM file (where password hashes are stored). ...

January 11, 2025 · 3 min

UniFi IoT Firewall Rules

What is the goal? The goal is to set up basic firewall rules to stop networks from communicating with each other and, more importantly, to stop IoT devices from talking to other devices. We want to do this because IoT devices are horrible for security: vendors don’t update the devices, or don’t update them often. If something has technology in it, it CAN AND WILL be hacked. It is a question of when, not if. So to stop other devices from being affected, just cut them off from the network. ...

January 3, 2025 · 2 min

Vulnerabilities Scan With OpenVAS

What is OpenVAS? OpenVAS (Open Vulnerability Assessment System) is a comprehensive vulnerability scanner and security assessment tool. It’s part of Greenbone Security Manager and performs network security testing by scanning systems for thousands of known vulnerabilities and misconfigurations. The tool uses a regularly updated feed of Network Vulnerability Tests (NVTs) to detect security issues, provides detailed reports, and can be managed through a web interface. OpenVAS is popular among security professionals and system administrators because it’s open-source and offers capabilities similar to commercial vulnerability scanners. ...

January 1, 2025 · 2 min

ACL

What are ACLs? ACL (Access Control List) is a technology that allows administrators to control access to the network by filtering packets based on source/destination IP, layer 4 ports, etc. This is set on the interface either inbound or outbound. The list is processed from top to bottom. So if you have a list that goes 2,3,1, the order of processing would be 2 then 3 then 1. Types of ACL There are two types: extended and standard. The difference is that standard ACLs are only based on source IP address, but extended ACLs are based on source/destination IP addresses or port numbers. Standard ACLs can only use numbers 1-99 or 1300-1999. ...

December 28, 2024 · 2 min