Correlation is a process performed by the correlation engine on OSSIM. The correlation engine reads all the directives on startup in order to match individual rules or events. OSSIM’s directives are defined using XML 1.0. Rules are built as a logical tree consisting of 'if' and 'or' statements, joined to provide a reliable means of identifying attacks or network misbehavior. A ...
In this post we will generate an alarm from OSSIM when a custom event (an attack or an event of interest) occurs in our system. I will be using the custom plugin that we built. 1. Go to the “Data source” configuration -> threat_intelligence -> data_source 2. Then pick our custom data source (hello) which we created. (How to create OSSIM custom data source) 3. ...
Let's write an OSSIM plugin to read the hello log (which is my custom log file for this post). For this post I will call my plugin ‘hello’, and it reads a log file called ‘hello.log’. Creating the plugin configuration file – hello.cfg The CFG file contains fields called 'DEFAULT', 'config', translation and rules. Plugins can be found in the location below. We have ...
This post explains the steps to enable both the OSSEC and SSH plugins in OSSIM. First we enable the plugins. 1. Update the OSSIM configuration variables at /etc/ossim/ossim_setup.conf Add ossec and ssh into the ‘detectors’ 2. As the config is updated, we now run ossim-reconfig with ossim-reconfig -c -v -d 2.1 The SSH and OSSEC plugin config can be found in ...
module.exports is the object that's actually returned as the result of a require call. Modules use exports to make things available. The exports variable is initially set to that same object. You can create a Node.js application and include the code below for package.json { "name": "tutorial", "version": "1.0.0", "scripts": { "start": "node server.js" }} Then create two js files hello.js server.js ...
You need to install OSSEC and OSSIM in your network. First we extract the key from OSSIM 1. Go to the OSSIM web UI and navigate to 'environment' => 'detection' 2. Click on 'Agents' 3. Pick an agent and click on the key icon for 'Extract Key' Add agent for OSSEC 1. With the command below we can find agents /var/ossec/bin/manage_agents -l 2. Open “manage agents” /var/ossec/bin/manage_agents it ...
OSSEC can be described as a Log-based Intrusion Detection System (LIDS). You will need nano / vim and wget installed in CentOS. You can use the commands below to install them. yum install wget yum install nano 1. Let’s download OSSEC wget -U ossec http://www.ossec.net/files/ossec-hids-2.8.2.tar.gz 2. Unzip it tar xf ossec-hids-2.8.2.tar.gz 3. Open host-deny.sh vim active-response/host-deny.sh 4. Remove spaces in the location below eg: TMP_FILE = ...
This post contains some tips on using the setTimeout() and setInterval() functions in a nested manner and using JavaScript references in those. setTimeout() is used to call a function after a period of time. setInterval() is used to call a function in a loop at a time interval. There is a function x(){} which needs to be called after 30 seconds. setTimeout(x(), 30000); Now I need to call ...
This post shows how to enable CORS in Node. CORS means cross-domain requests. Simply using the line of code below at the application response level will solve the CORS issue. res.header("Access-Control-Allow-Origin", "*"); The lines below enable CORS for all the routes in that server. app.use(function(req, res, next) { res.header("Access-Control-Allow-Origin", "*"); res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept"); next(); }); You can add this for resources files ...
Here we will try to manage sessions in a Node application. Here are the dependencies which are used in this sample "dependencies": { "express": "^4.8.7", "express-session": "^1.7.6" } The express-session module needs express. Therefore you have to add express to your project also. var express = require('express'); var session = require('express-session'); var app = express(); A session can be initialized by the code below. Here ...
DHIS 2 [1] is a health management information system and DHIS Mobile covers the wide area of mobile development related to DHIS2, with a focus on a wide portfolio of solutions for utilizing mobile technology. Let's build dhis2-android-dashboard from source [2]. 1. Get a git clone from source [2]. (You can use the ‘legacy’ branch for the build for now, no breaks) 2. Get SDK ...
I need to rename some files in a dir after processing some regex on their file names and file types. I was looking for a terminal / cmd command for this. But I just wrote a Python script in a few minutes (2 mins) and it works. It makes my life easy with my PC. In the directory there are a huge number of files with ...
It is fast and quick, only two steps 1. Get the setup curl --silent --location https://rpm.nodesource.com/setup_4.x | bash - Note --location If the server reports that the requested page has moved to a different location, this option will make curl redo the request on the new place. --silent Makes curl mute (silent mode). Don't show progress meter or error ...
Requirements Wheel: It is a built package that can be installed without the build process pip install wheel Twine: It is a utility for interacting with PyPI pip install twine Configuring a Project Here are the files that will be needed at root level. setup.py: It contains a global setup() function. The keyword arguments to this function are how specific details of ...
Data Validation Data validation is a process of ensuring data in Zeppelin is clean, correct and according to the data schema model. Data validation provides a certain well-defined rule set for fitness and consistency checking for Zeppelin charts. Here is more about data validation types. Where is the data validator used in Zeppelin? The data validator is used in Zeppelin before drawing ...
Why are charts important in Zeppelin? Zeppelin is mostly used for data analysis and visualization. Depending on the user requirements and datasets, the types of charts needed could differ. So Zeppelin lets users add different chart libraries and chart types. Add New Chart Library When a JS chart library other than D3 (nvd3), which is included in Zeppelin, is needed, a new ...
Zeppelin uses Leaflet, which is an open source and mobile-friendly interactive map library. Before starting the tutorial you will need a dataset with geographical information. The dataset should contain location coordinates representing longitude and latitude. Here an online csv file will be used for the next steps. Here I am sharing a sample dataset in a gist. import org.apache.commons.io.IOUtils import ...
Install Ruby Version Manager (rvm) curl -L https://get.rvm.io | bash -s stable --ruby Then check which rubies are installed by using rvm list ruby -v You can then switch Ruby versions using rvm use 1.9.3 --default If it is not installed you can install it with rvm install ruby-1.9.3-p551 Now that we have the correct version, start building the app gem install bundler To start serve ...
Data validation is a process of ensuring that a program operates on clean, correct and useful data. Data validation provides certain well-defined guarantees for fitness, accuracy, and consistency for user/stream/data input into an application. It can be designed using various methodologies, and be deployed in any of various contexts. Different kinds of data validation Data type validation It is carried out on one ...
1. Install grunt, bower, yo, etc., if you are missing any. npm install -g grunt-cli bower yo generator-karma generator-angular Yeoman is used to generate the scaffolding of your app. Grunt is a powerful, feature rich task runner for JavaScript. 2. Install the AngularJS generator: npm install -g generator-angular 3. Generate a new AngularJS application. yo angular The generator will ask you a couple of questions. Answer them ...