Tuesday, February 10, 2026

Install Snort 2.9 on Ubuntu 24.02 (20260210)

Installation:

#apt-get update

#apt-cache policy snort

#apt-get install snort -y


Testing:

#snort -T -c /etc/snort/snort.conf


Execution:

#snort -c /etc/snort/snort.conf -A full -D -s

Install and deploy OSSEC on Ubuntu 24.04 (20260210)

Installation:

#sudo apt update

#sudo apt install -y build-essential make gcc wget tar \
libpcre2-dev zlib1g-dev libssl-dev libevent-dev \
libsystemd-dev libsqlite3-dev systemd-dev

#cd /usr/local/sbin

#wget -q -O - https://updates.atomicorp.com/installers/atomic | bash

#apt-get update

#apt-get install ossec-hids-server


Monday, February 9, 2026

[Docker] Docker Compose

Step 0: Download the Container

docker pull testcontainers/sshd:1.3.0



Step 1: Save the File

Copy the code below and save it as a file named docker-compose.yml in a folder on your computer.


YAML

-----

services:
  sshd:
    image: testcontainers/sshd:1.3.0
    environment:
      - PASSWORD=your_secure_password
    ports:
      - "10022:22"

-----



Step 2: Run the Command

Open your terminal or command prompt, navigate to the folder where you saved the file, and run:


Bash

-----

docker compose up -d

-----

up: Tells Docker to create and start the containers defined in the file.

-d: Runs the container in "detached" mode (in the background) so it doesn't lock up your terminal window.



Step 3: Verify it's Running

You can check if the SSH server is active by running:


Bash

-----

docker compose ps

-----

This should show the sshd service running and mapped to port 10022.



How to actually "use" this specific container

Since this is an SSH server (testcontainers/sshd), its main purpose is to let you log in or create tunnels.


To log in to the container's shell:


Bash

-----

ssh root@localhost -p 10022

-----

(When prompted for a password, use your_secure_password as defined in the YAML file.)



To create a reverse tunnel (the "Testcontainers" way): If you have a service running on your actual computer at port 8080 and you want this Docker container to see it, run this from your computer:


Bash

-----

ssh -R 8080:localhost:8080 root@localhost -p 10022

-----

Now, if you were to enter the container (using the login command above), you could run curl http://localhost:8080 and it would reach the app on your physical machine.



How to Stop It

When you are finished, go back to the terminal in that folder and run:


Bash

-----

docker compose down

-----

This will stop the container and clean up the internal network it created.
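
A hardened variant of the docker-compose.yml from Step 1, as an added example that is not part of the original post: the "10022:22" mapping publishes the root SSH login on every host interface, and the password is stored in the file itself. The variable name SSHD_PASSWORD is an assumption; the login and reverse-tunnel commands above work unchanged because they connect to localhost.

```yaml
# Added example, not from the original post.
services:
  sshd:
    image: testcontainers/sshd:1.3.0
    environment:
      # Compose substitutes SSHD_PASSWORD (assumed name) from the shell or from
      # a .env file beside this file. The ":?" form makes "docker compose up"
      # stop with this message when the variable is unset or empty, so the
      # container never starts with a blank or default password.
      - "PASSWORD=${SSHD_PASSWORD:?SSHD_PASSWORD is not set}"
    ports:
      # A bare "10022:22" binds to 0.0.0.0, which exposes the root login to
      # other machines on the network. The 127.0.0.1 prefix limits the
      # published port to the local host.
      - "127.0.0.1:10022:22"
```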

Thursday, October 9, 2025

Install Microsoft Intune on Ubuntu

https://learn.microsoft.com/en-us/intune/intune-service/user-help/microsoft-intune-app-linux#install-microsoft-intune-app-for-ubuntu-desktop



Friday, October 3, 2025

[ransomware] No more ransom

https://www.nomoreransom.org/


crypto-sheriff: Identifies the category of ransomware

decryption-tools: Provides decryption tools for download

report-a-crime: A collection of links to law enforcement agencies

Sunday, June 15, 2025

[Chrome OS] Install QEMU and run Kali on Chrome OS

Start Penguin

Run the following commands

$ sudo apt-get update

$ sudo apt install qemu-kvm libvirt-clients libvirt-daemon-system bridge-utils virtinst libvirt-daemon virt-manager

Go back to Chrome OS's Start button and run "Virtual Machine Manager".

Download the QEMU version of Kali to a USB flash drive before plugging the drive into Chrome OS.