I want to start doing some sort of security-related project. But I don't know where to start.

I feel like just setting up a server for the hell of it is pointless, I want to do something with purpose. What were everyone's projects that they worked on?

I considered blogging but I don't think any of my work is particularly interesting and I'm trying to learn new skills.

I've done the basics: Pi-hole server, Nextcloud server, and ran a small home lab till my electric bill nearly gave me a heart attack.

Has anyone got any experience with Wazuh? I think that'd be a good step but I'm so lost with it.

@RedGalahad The electricity bill is such a problem, especially with the significantly rising costs as of late. Power-wise, I can comfortably budget a router, PoE switch, a NUC and four 3.5" drives for it to be accepted by the household minister for finance 😅
@wally3k It honestly wasn't even much of a lab. Single HP Microserver with Hyper-V running on it, old WatchGuard firewall I got free, switch I got off eBay, NAS, and Pi server.
@RedGalahad The microservers can be a real power hog, from what I recall on /r/homelab
@RedGalahad I have bad memories of ossec and generally muck around with osquery instead (besides commercial EDR) but I should probably keep an open mind.
@mdfranz I basically need some sort of SIEM or server to ingest all the logs and alerts I get, but I have zero budget for software or outsourcing, so I'm a little dead in the water.
@RedGalahad These are the options I've used. Free version of Humio Cloud or https://opensearch.org/docs/latest/opensearch/install/docker/ if you can tolerate [Elastic|Open]Search.
@mdfranz I know nothing about Elasticsearch. I'll have a look into Humio Cloud though, looks fairly decent. Thanks :)
@RedGalahad I THINK they still have free instances. Been a while since I logged into my account. ES/OS is definitely painful but you can learn a lot of things about distributed systems. The hard way.