RedGalahad Nov 11, 2022

I want to start doing some sort of security related project. But I don't know where to start.

I feel like just setting up a server for the hell of it is pointless, I want to do something with purpose. What were everyone's projects that they worked on?

Show threadRedGalahad Nov 12, 2022

I considered blogging but I don't think any of my work Is particularly interesting and I'm trying to learn new skills.

I've done the basics Pi-hole server, Nextcloud server, and ran a small home lab till my electric bill nearly gave me a heart attack.

Has anyone got any experience with Wazuh? i think that'd be a good step but im so lost with it

Show threadMatt Franz
@RedGalahad I have bad memories of ossec and generally muck around with osquery instead (besides commercial EDR) but I should probably keep an open mind.
Nov 12, 2022 at 11:47pmWeb
Show threadRedGalahad Nov 12, 2022
@mdfranz I basically need some sort of SIEM or server to ingest all the logs and alerts I get, but I have zero budget for software or outsourcing. so I'm a little dead in the water
Show threadMatt FranzNov 12, 2022
@RedGalahad These are the options I've used. Free version of Humio Cloud or https://opensearch.org/docs/latest/opensearch/install/docker/ if you can tolerate [Elastic|Open]Search.
Docker

Why use OpenSearch with Docker?

OpenSearch documentation
Show threadRedGalahad Nov 13, 2022
@mdfranz I know nothing about elastic search, I'll have a look into Humio cloud though, looks fairly decent. Thanks :)
Show threadMatt FranzNov 13, 2022
@RedGalahad I THINK they still have free instances. Been a while since I logged into my account. ES/OS is definitely painful but you can learn a lot of things about distributed systems. The hard way.