you need this FREE CyberSecurity tool
Переглядів 1,169,368
День томуThe Wazuh Marketplace app was temporarily hidden in Cloud Manager v1.98.0 while they investigate and resolve a critical error resulting in broken deployments. It should be back real soon!
Deploy Wazuh in the cloud with Linode: ntck.co/linode (Get $100 for 60 days as a new user!!)
In this video, we discuss the best free cybersecurity tool you need to try: Wazuh. This open-source Security Information and Event Management (SIEM) system is the ultimate tool to help you protect your devices and networks like a cybersecurity expert. We'll show you how to deploy Wazuh, monitor changes to files and the Windows registry, detect unauthorized processes, and more. Plus, we'll discuss the importance of understanding blue team defense and how Wazuh can help you become a cybersecurity expert.
LINKS:
---------------------------------------------------
-WAZUH OVA INSTALL: documentation.wazuh.com/curre...
-Wazuh DOCKER Documentation: documentation.wazuh.com/curre...
-NetworkChuck Windows fundamentals course: ntck.co/windowsfundamentals
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
**Sponsored by Linode Cloud Computing from Akamai
SUPPORT NETWORKCHUCK
---------------------------------------------------
➡️NetworkChuck membership: ntck.co/Premium
☕☕ COFFEE and MERCH: ntck.co/coffee
Check out my new channel: ntck.co/ncclips
🆘🆘NEED HELP?? Join the Discord Server: / discord
STUDY WITH ME on Twitch: bit.ly/nc_twitch
READY TO LEARN??
---------------------------------------------------
-Learn Python: bit.ly/3rzZjzz
-Get your CCNA: bit.ly/nc-ccna
FOLLOW ME EVERYWHERE
---------------------------------------------------
Instagram: / networkchuck
Twitter: / networkchuck
Facebook: / networkchuck
Join the Discord server: bit.ly/nc-discord
0:00 ⏩ Intro
1:31 ⏩ what do you need??
2:31 ⏩ Installing Wazuh in the Cloud
5:11 ⏩ let’s see if our wazuh is ready
6:23 ⏩ Wazuh Docker Installation
9:43 ⏩ Adding agents in Wazuh
13:27 ⏩ secure configuration assessment
14:39 ⏩ security events
14:52 ⏩ vulnerabilities
15:25 ⏩ Windows hosts - integrity monitoring
16:38 ⏩ FIRST: file monitoring through windows
20:41 ⏩ changing the interval
23:06 ⏩ key changes
23:56 ⏩ SECOND: Actions
25:06 ⏩ Active response
27:44 ⏩ Vulnerabilities
29:13 ⏩ Slack Alerts
31:29 ⏩ Outro
AFFILIATES & REFERRALS
---------------------------------------------------
(GEAR I USE...STUFF I RECOMMEND)
My network gear: geni.us/L6wyIUj
Amazon Affiliate Store: www.amazon.com/shop/networkchuck
Buy a Raspberry Pi: geni.us/aBeqAL
Do you want to know how I draw on the screen?? Go to ntck.co/EpicPen and use code NetworkChuck to get 20% off!!
fast and reliable unifi in the cloud: hostifi.com/?via=chuck
Wazuh is an open-source Security Information and Event Management (SIEM) system.
Wazuh can help protect your devices and networks like a cybersecurity expert.
This video discusses the best free cybersecurity tool - Wazuh.
You'll learn how to deploy Wazuh, monitor changes to files and the Windows registry, detect unauthorized processes, and more.
This video covers the importance of understanding blue team defense and how Wazuh can help you become a cybersecurity expert.
Wazuh is the ultimate security tool for monitoring changes to files, the Windows registry, and detecting unauthorized processes.
By deploying Wazuh, you can become a cybersecurity expert and protect your devices and networks from cyber attacks.
Wazuh uses the Mitre attack framework, compliance, SCA, and security events to help you protect your devices and networks.
Wazuh's slack integration enables you to stay up-to-date with alerts and active responses.
#wazuh #cybersecurity #free
@santiago.bassett 9 місяців тому
Wazuh founder here. I love the video! Thank you Chuck. Currently our team, in collaboration with our users community, is working on improving Wazuh, making it easier to use and more capable. We are motivated to create a quality, free, and open-source alternative to the prevalent commercial solutions. Indeed, we want to help democratize access to these kinds of security products.
@leongcheechong1681 9 місяців тому
Hi Founder Is there any Wazuh certificate good for us ?
@ponnurangamh6093 9 місяців тому
Wonderful, Good to know staying Open Source forever and the Community will take care of the rest. Thanks Chuck for making this awesome content.
@tygi 9 місяців тому
are you going to make adding a Synology NAS as an agent easy?
@FranckEhret 9 місяців тому
Wazuh support is GREAT (even for home lab users), thanks for everything! 👌😉
@pavelsimanovsky5622 9 місяців тому
One of (if not THE best) tools i ever used. so complete, so all-around...Thank you for keeping it open source and free
@neerajbabu6643 9 місяців тому
We need more self hosted security and blue team content.
@NK-iw6rq 9 місяців тому
No we don't, we need more red team content ! #EthicalH4ck3rs
@Makeitblueagain 9 місяців тому
What
@jaap7374 9 місяців тому
I would like to learn more about vulnerability scanning and network monitoring. I have been playing a bit with OpenVAS, but its not the easiest thing to learn.
@vagabond8460 9 місяців тому
People are way too attracted to red team cybersecurity when that’s only a niche corner of a massive industry. Blue team NEEDS the spotlight once in a while
@NK-iw6rq 9 місяців тому
@@vagabond8460 I am in cyber security, Red Team should definitely be learned by all cyber professionals because nowadays even a blue team analyst needs to be somewhat familiar with pen testing methodologies to understand how an attacker is trying to gain access to data or a system.
@obiwan-hf1vp 9 місяців тому
Security Professional here! Awesome video Chuck!! Any newer security analysts, do this lab and continue to monitor and work with this tool!! If I saw this lab on your resume your application would be at the top. These are real world skills you will use daily working in a Security Operations Center. I have been sending this video to any junior analysts I know. Thank you again Chuck for the great content!! Would love to see more blue team content like this!
@yoruasa1 9 місяців тому
Hey Obiwan! Willing to connect for me to do an informational interview?
@Drew-C- 9 місяців тому
Can double confirm. I use overpriced versions of what we saw above (nearly feature-for-feature) in my enterprise work nearly every day. LEARN THIS.
@jjann54321 9 місяців тому
I agree 100%, if people interested in becoming a sec pro/SOC analyst would stop playing with Kali Linux and spin up a Security Onion VM their time would be much better spent. I understand all the "cool kids" want download TOR (and never use it), hide behind a free VPN and run nmap scans after browsing Shodan but that's just not reality or valuable to anyone.
@j5f4 9 місяців тому
@@yoruasa1pp
@Gips667 5 місяців тому
Thank Chuck for this video, and to you kind sir for great input, I'm transitioning to security field with my 38 years and your comment will help me a lot! Wish me luck!
@kukuxumusu82 9 місяців тому
Dude, you're the best! As a hardcore dev of over 15 years who ended up moving into business / tech strategy role and then returning to hands-on tech both as a fun hobby as well to fulfill a practical need to remain current with the detail to be effective in my job, your videos and topic range tick all the boxes. You've mastered the art of both providing sufficient depth and explanation at speed so as not frustrate viewers like me that often eyeroll at videos speaking at the "noob" level, while also being equally helpful to those learning for the first time that are noobs. Love the content, depth, pace, and wide range of topics. Keep it up, if you don't have one already, NUMBER ONE FAN, RIGHT HERE!!
@U_CantTouchThis 8 місяців тому
Thank You Chuck ... :) A year ago, when I first saw your channel, you became my inspiration to change my life. I changed my career and since June 2023 I have been working in IT :) Great channel keep it up :) You're doing a great job!
@zathrasjr 9 місяців тому
Thank you Chuck! I work for a security company that sells a SIEM product, but my access is very limited, and information is not shared (security people tend to be tight lipped). With Wazuh I can finally try out these concepts without limitations, and learn the terminology so that I'm speaking the same language as the engineers I work with. Wazah will be going on a spare NUC this weekend, so thanks for giving me something to do this weekend!
@RaymondVegaBoomBoomRay 9 місяців тому
Absolutely enjoyed this video! I setup my own Wazuh Server running on CentOS previously; However, your tutorial has been instrumental on setting up my Wazuh to monitor my environment. The Active Response was something I was not even tracking on previously and can be a huge time saver in configuring your webservers to do exactly what you can do in Wazuh (e.g., blocking logon attempts). Definitely bookmarking this video as I work on that portion and other configurations. Waiting for Wazuh to implement support for running vulnerability scans on Amazon Linux 2023 servers, hopefully I can turn that on soon! Thanks Chuck!
@15_FPS14 9 місяців тому
ANNM1T is my safety asset along with tether so i'm really glad to hear all this!! thank you very much
@andrewmitchell734 9 місяців тому
I utilize Tenable at work, very similar to this. Was looking for a good lightweight home lab alternative and this is very helpful. . . will definitely be tinkering around with this.
@jjann54321 9 місяців тому
Hey Chuck! I know you'll never read this, however, you should try spinning up a Security Onion VM in your internal lab/farm and check it out. Wazuh is just ONE of that many SIEM apps/utilities included. It could make for a lot of quality content if you did a brief "intro/overview" on each of the apps (Playbook, FleetDM, osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, Zeek, and ofc Wazuh). For your followers interested in SOC Analyst/Cybersecurity, this would be a great taste of reality for those perusing that career path. Yes it's open source (free). Just an idea.
@NetworkChuck 9 місяців тому
Adding it to the list !
@S60Rguy 9 місяців тому
@@NetworkChuck Yes please! I was introduced to Security Onion years ago at a local BSides event. This was back when they still used Snort for their IDS. The main issues I saw most users complain about were the amounts of log storage required and the fact that most of today's traffic is encrypted. It's claim to fame has always been its ability to provide contextual data around events, but with everything now using encryption (even DNS queries via settings in modern browsers) I imagine it's ability to peer into network activity has been somewhat diminished. If I'm wrong in assuming this please correct me. Might also be a good topic to address in that video. This video on Wazuh was great though, thanks Chuck!
@luce985 9 місяців тому
@@NetworkChuckyour mother will get pregnant by my malware ...
@user-wz7pw7sp7r 5 місяців тому
Dude, I have to say, you never fail me bro. It doesnt matter what cyber question i have, you have a video for it. I found this one in a frantic rush to find a SIEM i could use for a proof of concept for the course I am studying and it was AMAZING! Easy to set up thanks to your walkthrough but also the run down on config, so helpful and will be so good to learn the ins and outs of blue team and defense. So, thank you mate, really appreciate your work!
@sashay404 8 місяців тому
Always a pleasure to watch your videos! You're so knowledgeable and not condescending. Keep up the good work!
@ayseertas3434 9 місяців тому
Hey *Metaspyclub* what an amazing work this has been and with all the crazy detection that you guys make possible. You guys take hacking to a whole new level and get the job done ASAP!!! I'm wondering what are all your personal qualifications?I don't think that it was ever mentioned before.
@hule8899 9 місяців тому
Just a hint, instead of manually changing configuration on each host, its better to use shared configuration in the admin console. You can make groups out of agents and apply taht shared config to specific groups. Much easier to do it once than changing for example 200 config files or making script for AD to copy that config file.
@NK-iw6rq 9 місяців тому
Great tip!
@fernandomendieta5463 9 місяців тому
Maybe another aporoach could be using the Wazhou API and Ansible, in that way you can make invidividual scripts or playbooks for the different os or servers uses, like back, front, middle, database.. each one with specific config
@-someone-. 9 місяців тому
Thanks for the tip! Also, do you think a raspberry pi 4b 8gb model would be able to run wazuh?
@Anyobservation 9 місяців тому
@@-someone-. I would assume it depends largely on how much data you need to process. As long as there are no dependency issues, it should be able to handle small scale monitoring.
@-someone-. 9 місяців тому
@@Anyobservation i tested it out, and it’s ok, but elastic siem (running on kali purple) actually worked faster.
@AstralRaver 3 місяці тому
Installation went perfectly fine and what a useful tool indeed! Thank you. I have to add that your channel is great and very practically useful so please keep up the good job.
@servicesrestreamed6407 8 місяців тому
Hi Chuck. This is probably one of the best you've done yet. Keep up the great work!
@nunomoreira4678 9 місяців тому
Security Engineer here, great content on this video. I've been working with wazuh for quite some time now, and it's amazing how you can create your own rules, decoders, and custom integrations. Wazuh is a beast once you dedicate the time
@NatureBD0001 3 місяці тому
i need your assist! Help me if you can!
@carlorivas7653 9 місяців тому
Thanks man! I have several tools at work comparable to Wazuh, but I was looking for a vulnerability scanner... this looks great! I appreciate the time you're taking to research and prepare these kind of videos. Keep it up!
@TorCrypt1c_4740 9 місяців тому
I needed this 2 weeks ago. Thanks for the vid and can't wait to stand this up!
@rangefreewords 9 місяців тому
The coffee and personal cam video editing for audio coherence is top notch. ALVIIIN!!!
@marcmedeiros8857 9 місяців тому
As always, great blend of amazing content, information and entertainment. Keep up the great work!
@TravisHershberger 9 місяців тому
If you're only monitoring a small number of client systems, the $5/month Linode should work just fine. However, you have to create and mount additional swap space (swapfile in this case is easiest). Obviously not recommended for a production environment, but works fine for a home lab.
@alexmason7393 8 місяців тому
This actually pretty good solution for SIEM monitoring because we have multiple Windows BI tools environment in Azure, and sometimes we need to know what the developer did to fix the issue on prod and non-prod so the next guy shouldn't have any problem tracking down what the previous guy were doing to fix the issue
@raymondfb 9 місяців тому
Thank you Chuck for taking the time to make this video. this is very cool.
@Sladeofdark 9 місяців тому
It is great to see OSSEC still doing great things. this is the tool (Security Onion suite) that I got my real start with 10 years ago, and I STILL highly recommend the same stack because I have not seen an agent that does what the ossec agent does with the level of simplicity of setup. Man this makes me want to return to Security form Devops :) Thanks as always Chuck!
@MrJulianogiudice 5 місяців тому
I've started to follow you a week ago and I really enjoy your videos, including this one! Thanks a lot to bring us some information about security as well as a great tool like Wazuh, great job Chuck!
@lerooxx 9 місяців тому
Normally I don't watch such long videos, but this one was watched from beginning until end ;-) Thanks for it!
@SonOfJoy 9 місяців тому
Everytime you say Wazuh, it makes me think about that term "WAAAAAZUP!!" I'm currently attending a Cyber Security School and I just went through a module that taught about this application. Thanks for setting it up Chuck. Knowledge can't be used unless its applied to a real world scenario.
@sriharshareddy2291 8 місяців тому
Hey, I am planning to start my career in cybersecurity, I am experienced in devops and linux background for 13 years. Please let me know the directions or places where people discuss basics and please help me on that. @SonofJoy or @NetworkChunck
@KenPryor 6 місяців тому
Excellent video. I recently setup a Wazuh server at home and have several clients, both physical and virtual. It's remarkably easy to setup and so powerful. I still have much to learn and you taught me a few things in this video.
@Wahinies 7 місяців тому
Thank you for sharing your ideas on top of the primary subject matter along with your humor and charm. I feel like your videos help with memory retention just because they are so fun to watch
@jaytboricua12 9 місяців тому
That was an excellent tutorial. Have watched multiple Wazuh deployment videos and none of the ones I watched went into this much detail. I am not big into deploying anything on cloud infrastructure but I can see myself using all of the techniques you demonstrated. I would love to see the same level of tutorial for deploying Security Onion. Great job and thanks for so much knowledge shared over the years.
@Synclon 9 місяців тому
Chuck look like my Grandpa wearing those glasses 😂
@nerdbird8715 9 місяців тому
Your gramps is a baddie
@conm9891 9 місяців тому
Hopefully your grandpa wasnt brainwashed by a group of pedophiles in robes pushing their own agenda. Hopefully your grandpa is educated and doesnt believe in these fairy tales of bullshit known as religion.
@tomlocast2964 9 місяців тому
The loyal subscribers of Network Chuck must be cautious and mindful of any potential issues that may arise regarding his honesty and integrity in providing services.
@nostalgicnow6001 2 місяці тому
😂😂😂
@PaulMisner 9 місяців тому
I've had great experiences working with Wazuh. I thought it was interesting that you referred to it as a SIEM, which is correct, but I've always (or at least for the past couple of years) as XDR or EDR. The agent is so good and you can do so much with it. Security Onion includes this as one of the agents they work with, but I was so impressed with the web GUI native to Wazuh, I chose to just use that. Thanks again Chuck for adding to my home lab todo list.
@supremeicecreme1658 9 місяців тому
It does have both SIEM and XDR which are two separate things. From what I've just been reading, it does seem to blur the lines of the two a bit.
@hisoka44444444 9 місяців тому
You weren't kidding, extremely cool stuff, I'm for sure going to set this up this weekend or the next.
@Arville27 9 місяців тому
Great addition to my home lab, thank you
@poormillionaires6750 7 місяців тому
I have been watching your content since I was in grade 6 and to be honest you've played a mojor role in my wellbeing in this crazy tech world...your content is really amazing 💯
@Viking8888 9 місяців тому
DUDE! This was awesome! Thank you for going through this. I know several people that are going to love this!
@jackrobb1609 9 місяців тому
Hey Chuck, great video!! For those folks who do not have time to maintain a SIEM, how would you compare Wazuh to something like Blumira??
@AndrewSelkirkEh 9 місяців тому
Senior dev lead for one of the Gartner SIEM vendor's here for the past 25 years. We always pronounced it "SIM" internally, but ya, it is also called "SEEM" in the industry.
@therealbano2368 9 місяців тому
Chuck, I absolutely love your content and the way you teach! A major part of why I decided to pursue cybersecurity myself. Now as to this video, can you share how you’d configure wazuh to work with MacOS the way you showed it with windows?
@jonathanspangler1 9 місяців тому
Hey Chuck, I know chances of you reading this are pretty slim. However, I wanted to stop by and pay my respects. Because of you and your videos I was able to pull myself of a very dark place. After long hours and hard work, I passed the security + today. Thank you for the videos.
@NetworkChuck 9 місяців тому
The Wazuh Marketplace app was temporarily hidden in Cloud Manager v1.98.0 while they investigate and resolve a critical error resulting in broken deployments. It should be back real soon! Deploy Wazuh in the cloud with Linode: ntck.co/linode (Get $100 for 60 days as a new user!!) In this video, we discuss the best free cybersecurity tool you need to try: Wazuh. This open-source Security Information and Event Management (SIEM) system is the ultimate tool to help you protect your devices and networks like a cybersecurity expert. We'll show you how to deploy Wazuh, monitor changes to files and the Windows registry, detect unauthorized processes, and more. Plus, we'll discuss the importance of understanding blue team defense and how Wazuh can help you become a cybersecurity expert. LINKS: --------------------------------------------------- -WAZUH OVA INSTALL: documentation.wazuh.com/current/deployment-options/virtual-machine/virtual-machine.html?highlight=ova -Wazuh DOCKER Documentation: documentation.wazuh.com/current/deployment-options/docker/wazuh-container.html -NetworkChuck Windows fundamentals course: ntck.co/windowsfundamentals 0:00 ⏩ Intro 1:31 ⏩ what do you need?? 2:31 ⏩ Installing Wazuh in the Cloud 5:11 ⏩ let’s see if our wazuh is ready 6:23 ⏩ Wazuh Docker Installation 9:43 ⏩ Adding agents in Wazuh 13:27 ⏩ secure configuration assessment 14:39 ⏩ security events 14:52 ⏩ vulnerabilities 15:25 ⏩ Windows hosts - integrity monitoring 16:38 ⏩ FIRST: file monitoring through windows 20:41 ⏩ changing the interval 23:06 ⏩ key changes 23:56 ⏩ SECOND: Actions 25:06 ⏩ Active response 27:44 ⏩ Vulnerabilities 29:13 ⏩ Slack Alerts 31:29 ⏩ Outro
@adammiller9114 9 місяців тому
This is AWESOME!!! I've been looking for a great SEIM. Thank you for the video.
@cwasonfauna 9 місяців тому
Don't forget to change admin password... also bot mitigation on YT be slackin like a mfker
@eightbitoni 9 місяців тому
I would love to see more blue teaming, maybe next you can do sysinternals, great video
@FinancewithXibaobao 9 місяців тому
Got a System error 2 after doing NET START WazuhSvc
@tomlocast2964 9 місяців тому
It is crucial for the loyal subscribers of Network Chuck to be vigilant and aware of any potential concerns related to his honesty and integrity when it comes to delivering services.
@k1lldash9 9 місяців тому
I went and bought a simple 200 dollar HP refurbish to run this, in order to watch my Windows and Linux machines, this is truly a great product! Setup was a cake walk, I went Docker so I could keep on prem, but what a great addition to a home lab!
@user-zo9vo3pu5h 8 місяців тому
It was fantastic. Cannot wait to stand up the wazuh server for my 200+ server environments. Hopefully it will not scare me with millions of vulnerabilities.... Thank you Chuck!
@wolverine3030 6 місяців тому
As a cybersecurity content creator, it's essential to emphasize the significance of free and open-source solutions, while also raising awareness about the potential risks they may pose to your data and network security if not managed properly.
@Lafiro 9 місяців тому
As always @NetworkChuck this is awesome. Thank you for this. I will be testing this soon and then deploying it to all my virtual machines and client desktops that I manage. One thing I may suggest though and I will try to see if it works in this case; no punching a port through the firewall and instead using Cloudflare tunnel to access everything that is needed. Now if this works, it will be even more secure and no machine will be connecting back to the real server location. This is of course only good for those doing on-prem installs.
@bluxombie 5 місяців тому
As an elastic engineer, it is nice to see the many ways our stuff is used. Good job, Wazuh.
@bryanmontgomery610 9 місяців тому
This is awesome chuck! One thing I need a follow up on is how in the hell do you change the default login password? The Documentation on this is not very clear at all. Also why do they include a password "Change" option if it does not work. lol
@Pray4Tre 7 місяців тому
Ran into this same thing, this should not be so difficult
@Steven_nevetS 7 місяців тому
Same question?! Did you come right?
@lesanikuniku2153 9 місяців тому
Is it better than logrythm, arcsight, elastic/elk, splunk?
@keylanoslokj1806 9 місяців тому
Good question
@santiagosurt-li9zx 9 місяців тому
Man i was just planning on deploying wazuh and practice using it to get a job in wazuh lol this video comes in the perfect time
@scottuch3576 9 місяців тому
After just watching your video i I have implemented the wazuh on my organisation Thankyou bro Do more videos on free open source tools
@kennethshibaba4490 9 місяців тому
Great vid Chuck. As a Vulnerability Management engineer, I must say this has empowered me with great knowledge. 🙏
@kennethshibaba4490 9 місяців тому
Yes. Won't lie I could do with that. 😃
@onemoresmartone 9 місяців тому
How much data is Wazuh collecting on their "free customers"??
@keylanoslokj1806 9 місяців тому
Plenty
@bioman2007 9 місяців тому
Wazuh cluster spin up a local db and stores the data there. You can take a look at the code. That's the beauty of open source :)
@tomlocast2964 9 місяців тому
It is crucial for the loyal subscribers of Network Chuck to be vigilant and aware of any potential concerns related to his honesty and integrity when it comes to delivering services.
@delugedj 9 місяців тому
Chuck, just want to say thanks man, you make it fun to do tech learnings. Got my pfsense inspiration from you sir. Flat has never been so tight. My inner sys admin is telling me I need this 🤓 first step is lidarr though need me some lossless asap 😅
@datboyblu3 9 місяців тому
This is awesome!! I just got done playing around with it for about 15 hours! I used their documentation to integrate nmap scans into the manager. Unfortunately, no luck yet. I'm gonna go sleep now lol
@cybersamurai99 9 місяців тому
I love your videos bro, freaking awesome every single one of them!! - Im deploying this tonight thank brother, I am starting a cyber analyst job in two weeks, and your videos have helped me gain amazing skills over this last year
@theldun1 9 місяців тому
Dude, you are so much fun. Wish i had known you when i was growing up learning programing. I would have stuck with it.
@user-qy6xr2ju4i 6 місяців тому
Shout out from Dallas, buddy! Awesome videos!
@chichicoolzm1852 9 місяців тому
Thank you very much I've been really learning a lot from your channel as a Computer engineering student 😊Zambia here😅
@tmiles003 9 місяців тому
Awesome tutorial , love the energy and excitement you bring to teaching. Student for Life!
@theodoros_1234 9 місяців тому
This is incredibly useful, thank you for making a video about this! I'll make sure to install this on my server tomorrow.
@zMurdaaa 9 місяців тому
Amazing as always my guy. I deeply appreciate the guidance and knowledge. Blue team all day!
@charlesvanhorn53 7 місяців тому
Chuck you're the best. I don't even have words to express how grateful I am for all that you do in helping tech nerds like myself.
@FCOHDEZ27 9 місяців тому
I actually deployed it in my working environment to do all that you showed in the video. It is pretty pretty cool tool. I love it! Thank you for this video Chuck. You are a rockstar!
@nitrogarbo1589 9 місяців тому
Sorry to bother but I currently have it running on a VM but I'm trying to remote manage the web interface from another computer. How did you get that configured?
@tomlocast2964 9 місяців тому
It is advisable for the loyal subscribers of Network Chuck to be cautious and mindful of any potential issues with his honesty and integrity when engaging with his services.
@markus_265 8 місяців тому
Great video, started to deploy wazuh in our company and been blown away so far. Is it possible to configure active response actions on windows hosts as well or maybe even to trigger active response on other software (EDR/XDR) through an API connection?
@camilomartinez8727 9 місяців тому
I was thiking in what to do either Ossec or wazuh. After this I'm setting wazuh for sure. Great video.
@ohokcool 17 днів тому
Dude good looks! I set the indexer, server, and manager up in WSL2 then installed the client in my win11 host and enabled vulnerability detection which was able to find 2 critical vulnerabilities in my system including one that was arbitrary code execution!! You may have saved my homelab. I’m now vulnerability free
@MrRyanMonroe 9 місяців тому
YES!!! Thanks chuck. I've been looking for something like this. ❤
@siriondb 9 місяців тому
Good stuff. Wazuh has been popping off lately and that is definitely something nice to see!
@t4ir1 5 місяців тому
Dude I love your videos. Big fan! Thanks for all the help these past months in setting up my home lab!
@DeFi-Macrodosing 9 місяців тому
Chuck, love your videos - I'm not a professional in the field, but your videos have helped me a lot with my home networking projects!
@therealcaptainzaydenx 8 місяців тому
Great Tool Chuck! Thanks for the new knowledge for this Wazuh. I will try this right now and have some tinkering on it. thanks again!
@ettienebirkhoff2422 9 місяців тому
Love this. Can you please do a detailed video on how to use it and the features of it? Much love
@Angelizius 9 місяців тому
Hell yes, you did it! :P I started with Wazuh two years ago and implemented it in my business. Currently, I'm using the default Wazuh ruleset, and I've written around 200,000 rules, I guess. But anyway, getting alerts is a nice-to-have, and not logging everything is the best you can do. However, the almighty kill feature is the FIM Module and the active response. The Active Response will handle the firewall drop and block brute force attempts by itself. I configured the FIM module on a folder, let's say /root/fim_auto_ansible, and there is a cronjob that downloads the new version of auditd/rules.d daily. The FIM will only trigger the alert when the File-SHA is different. With a local_rule, you can trigger an ansible-playbook command that copies the new rule.d file to all servers and shows you the changes on the Wazuh dashboard in the alert log. I enjoy experimenting with some exciting configurations and rebuilding some stuff. I use OpenSearch to send the logs from the Wazuh-manager, first with Fluent-bit to Graylog in a JSON format. If you are using Wazuh with different tools and operating systems, you need to normalize the fields from a log to get better and faster searches. But this is really a deep dive into it. Keep up the great work!
@user-ur6tn6tp6h 7 місяців тому
Hey Chuck, I would like to thank you for every video about hacking. I am about to start as a cybersecurity analist junior. you motivated and inspired me. through this channel I have learned everything about hacking, I have followed your advises and put it in practice.Be blessed Chuck !
@johnlegend1360 9 місяців тому
Thanks Chuck!! Love your vids! Been away for a bit. Eventually though, I will be jumping into some things, such as installing my pf sense. Once I get into it I will binge your videos. Priceless UKposts tech info. Thanks a lot!
@bonchickenfry1595 5 місяців тому
I have a passion for cybersecurity and I never knew it. Thanks for showing me the basics 😊
@sasookay514 9 місяців тому
exactly what ive been looking for. thank you for telling us about this.
@kholius7445 9 місяців тому
A good video, as always! this bundle of SIEM is really interesstng to learn compared to other solutions, cause usually we have to manage agents, an ETL, a distributed DB and a Dashboard to deplay and answer. Here it looks like an All In One solution. I gonna start by this SIEM before an ELK Stack :) What if i need to mutate my data or just act on to segregate datas?
@deanballito 9 місяців тому
100x Thumbs up! You're my hero! I have been looking for a tool like this.
@turbojax07 9 місяців тому
Immediately sharing this with my cyberpatriot team!
@piusgabula 9 місяців тому
Could watch your videos all day so lively
@LRaptor99 9 місяців тому
This is exactly what I was looking for. Thanks
@mandy.coralde 8 місяців тому
this is a very informative video. Can't wait to have my own wazuh installed and running. thanks Chuck. More power.
@8eck 9 місяців тому
Akamai and Linode is the best of two worlds. I'm so happy that they are together now.
@iNimbleSloth 9 місяців тому
Going to try this right now in my home lab. Looks awesome!
@dionblundell9733 9 місяців тому
Thanks so much. I've been looking for something like this. I'll be installing it on my home Raspberry Pi 4. Interesting to see how it works...
@lixou 9 місяців тому
I just love it to get to know these tools. Those Videos are just amazing
@pedrovieira4313 9 місяців тому
This is great, would you recommend using this for a small buisness with around 50 endpoints and two servers? I manage a companies network and was looking for a way to better monitor network accessibility, etc.
@jcbenge08 9 місяців тому
This is so cool!!! I'll definitely be deploying this soon!!
@FranckEhret 9 місяців тому
Using it in my home lab/on my computers for almost 2 years now, so pleased with it! 🙂
@KC-rv5gu 9 місяців тому
Did you go offline with your setup or cloud (linode)?
@FranckEhret 9 місяців тому
@@KC-rv5gu I host everything myself, I think I learn more that way 😉
@Angelinajolieshorts 5 місяців тому
Your editings are next level ❤
@brennonoverton8277 6 місяців тому
Oh my gosh. I didn't realize this existed. I have been fighting with the self hosted ELK stack and standalone OSSEC agent for literally months and did not realize that is what this is, all packaged for me.
@jamesmackeysr.4811 9 місяців тому
Dope! Thanks for the tool and demo!
@KenSherman 9 місяців тому
I wazuh going to say nothing at first but the enthusiasm @20:12 was so palpable. 😆😂
@nic0038 9 місяців тому
Great video, as always. One question though: is Wazuh better than Uptime Kuma ?
@dazzypops 9 місяців тому
Meant in the best possible way - this was not siemless. Such a powerful tool! I think it was near the end when you said you'd ask a couple of people to block the ip of the nefarious person trying to log in - could this be done in the Wazuh config too I wonder, so that it's pretty much all automated?
@staticninja 9 місяців тому
Love the effort and can’t wait to dig into i This!
@user-si1im1cj1s Місяць тому
duuude! Love your vids, man! absolutely share your excitement in this stuff! Learning a ton!
@kingsley.chimezie 4 місяці тому
This is sick, can't believe I didn't know about it sooner! This is going to be a must from now on for my home and business servers.
Top Rank Boxing
Переглядів 1,7 млн
Гаражанин
Переглядів 669 тис.
spline
Переглядів 592 тис.