Collaborate Disseminate
In the last few weeks I’ve been having some problems with some users who are scanning our server for files, and in those searches they generate a lot of errors.
That’s why I installed fail2ban, it turns out that not all the errors I’ve bee… Continue reading How to create custom rules for fail2ban in Apache?
I have the Apache error.log file that has some access attempts that generate the errors below:
AH00082
AH01630
AH02430
AH00126
Is there any way to read the error.log file every minute, find the IP that generated this error code about 5 t… Continue reading Analyze Apache Logs and block IPs for errors
I have several servers that must be exclusively accessible only on the internal network, for example database, which can never be accessible via internet.
And also cases that they can only be accessed by specific IPs, for example, access v… Continue reading How to actively monitor open ports on servers
We have a situation where our company’s operators need to authenticate with a 6-character OTP on some websites.
For security reasons, we don’t want them to use an app (eg.: Authy) on their personal smartphone or install OTP generator softw… Continue reading How to use MFA without relying on a smartphone? [closed]
I have an app that sends emails to customers, and I’ve noticed a large number of spammers signing up to send spam to users, taking advantage of the tool for sending notifications to customers by email.
Even with the Cloudflare firewall, I … Continue reading How to stop spammers registration?
Receives audio stream from external url then send to webrtc server, which will broadcast to listeners.
Is there some hint for it?
Continue reading Relaying audio stream from external http url to webrtc [closed]
I have a PHP system and I need to store some tokens for operations like:
Database username and password
API token
Keys for encryption
It turns out that for a long time only I manage the source code, but soon other people will need to mai… Continue reading Best practice for storing security tokens in source code [duplicate]
How can I get the SOF-ELK VM to inject the IIS logs like the httpd logs. Here are my filebeats yml configs:
/etc/filebeat/filebeat.yml
filebeat.config.inputs:
enabled: true
path: /usr/local/sof-elk/lib/filebeat_inputs/*.yml
filebeat.c… Continue reading Need help configuring SOF-ELK Sans to parse IIS W3C logs
I’m using OSSEC server to monitor machines with OSSEC agents, which monitor this login via SSH, file creation, etc.
I have configured OSSEC to send an email when it detects a problem, but this control mode is very bad for data control and … Continue reading How to analyze/monitor OSSEC logs on Ubuntu
Today I use OSSEC as HIDS, but reading Wazuh’s site it seems to be more modern and has more resources.
I saw that it has an Elastic Stack integration, something I don’t interested about due to using Java and using a lot of server resources… Continue reading Monitor logs managed by Wazuh and OSSEC