Time
6 hours 28 minutes
Difficulty
Intermediate
CEU/CPE
7

Video Transcription

00:00
Welcome back to the savory course in building. You're in for a sec lap. I'm your host and instructor Kevin Hernandes.
00:06
In our last lesson, we installed a free version off Splunk. One of the top. Yes, I am players out there in the market.
00:14
In today's lesson. We'll go over O s s. I am Oh, awesome. From animal
00:20
Company by AT and T It is also a tool that at this level it's free of charge and can use in your lab.
00:28
Now let's get started.
00:30
Let's go ahead. And it's Tello's.
00:34
So creating a machine
00:37
just took
00:38
Muslim
00:41
other. And there
00:47
nix.
00:48
Next
00:51
I ask you to cp use sister giggsfirst
00:56
skid. Uh,
00:58
for Graham.
01:00
Give it 45 Storch and everything else
01:04
you just say,
01:07
make sure you pick the image disk. It's not loaded yet. So the school ahead and load it on the radio emissions. How low? T
01:15
Yes.
01:19
Now, both, um, it's basically the free version off alien bolt
01:23
and we're only gonna show the quick installation. If anything, when we actually look into awesome, we're gonna look at the *** only half online for free and base. Aren't research be on that
01:36
the reason why I do this is because awesome in the *** well already has a lot of locks in it, and their first gonna have on provide us a better view on what it's needed in a real time environment, so to speak.
01:51
Another reason we're only gonna install This is first of all, our storages. You're getting relatively small at this time.
01:59
Second,
02:00
Olsen is to free variant of edible, and an involved itself offers a free *** online.
02:06
Therefore, we can utilize freedom in order to more familiarize with the products that are available out there. Now
02:14
you won't be able to use a free demo indefinitely, and it's only like cloud version.
02:19
Therefore, it's more so you can familiarize with how s I am, Sze work and most likely what will be provided to you, if you will by this part for your enterprise.
02:29
So select the image
02:31
and listen next
02:34
verify everything looks okay for two
02:37
45 lets it finish.
02:40
And there's those, um, let's go ahead and start the machine
02:46
and see how it goes.
02:47
There we go. You can start a system or a sensor. So that's the system itself.
02:57
Here we have the lynch was selector,
03:00
screw in English and hit.
03:02
For some reason, the keyboard amounts not properly
03:08
go in there.
03:09
Okay,
03:12
United States
03:14
and knowledge not detecting the hardware
03:16
in the city,
03:23
and it's installing its components looks a lot simpler than curator. To be honest so far,
03:42
the I P addresses unique to your computer and maybe for number supper by periods look accident ful if you don't know what to use your conciliate network administrator. Okay,
03:52
so let's assign an I P address for this.
04:00
We'll see which I p The P M has been a sign
04:02
you can see at this moment. No. Eight p address has been assigned.
04:05
Let's just give it a random one.
04:09
You feel for the best.
04:13
That's that's correct.
04:15
Gateway P is correct.
04:18
That's correct.
04:20
Let's see what happens to her
04:29
candy
04:34
after the night. Worse configure, it will require you to put in some credentials.
04:41
Let's go ahead. Put some credentials in
04:44
you continue.
04:46
Most continue with insulation.
04:58
It's like time so
05:02
sloping additional components are petitioning
05:06
gonna formatting.
05:11
I'm installing the system now
05:15
You don't go ahead and possibly your 1st 2nd?
05:17
No, we're about five
05:19
for eight minutes in
05:21
after we policy video and it's still the process. Installation
05:27
looks pretty much done, however.
05:29
We're not sure of that career. About 29% actually seem to have finished installing
05:36
D s. I am. You can see here interface I'd be So let's make sure we take a snip. It's not that
05:50
copy. Let's add it back to our sheets
05:58
at the name.
06:00
Let's see it.
06:04
Hey,
06:05
let's let you.
06:14
And there, you know, it says to access the Web interface to go to that I p right.
06:18
So let's go ahead.
06:20
Actually
06:26
exit this.
06:27
Let's go to that interface
06:29
one night to that once excited that one don't want to. Three.
06:33
So when I 2.168
06:36
Wonder wanted,
06:42
Let's get a second.
06:45
Who wants your lug in? You're gonna get the traditional warning.
06:54
Let's give it a second fertile owed you got here. You'll start filling up information. Kevin past hurt
07:13
email. I'm gonna pulse toe Philip. The other information.
07:18
Once you complete an information to 1% of what admin page
07:42
and you're Logan.
07:45
So you're about to see at least reconfigure critical security capabilities. Very minimal one. Never monitor figure not wearing tutus and monitor network track for threats to discover assets. Olson will perform this curry scan to detect at six and three, collect locks and monitor assets. Monitor assets, Locks on alone. Suspicious Ex City. So let's go ahead. Let's start.
08:03
Let's see if it actually detects anything,
08:05
Okay, it didn't find her management interface,
08:09
So let's click next
08:13
and found a host
08:16
Windows host.
08:18
Okay, so let's can the network.
08:22
Well, let's skin there.
08:24
You sit
08:31
management interface until we can figure
08:35
the device properly. This might not work with the hits Next
08:41
Sting. For each ideas, it lets his next and skipped it.
08:50
Skip this temp
08:52
and ask if you want joining the exchange opened. Turn exchange. Let's skip it.
08:58
It's finish.
09:01
Let's explore it now
09:03
so you have a dash for it
09:09
with some information, right?
09:11
No authentication alerts, system
09:13
and excess. And this is a lot more info you're seeing now, versus you know
09:20
what we saw from curator and Splunk by default.
09:24
Now this is most likely information from the system itself, and we won't know until we actually get into the needy greedy of it. So let's just click on one. Let's see what happens,
09:48
it's in Here we go.
09:50
You see here a couple of events the risk and M bald session opens session clothes.
09:58
This this mostly
10:00
D This divides itself.
10:03
Figure a real time. We might be seen on a couple events
10:07
room
10:09
you ever take. You can see now out of memory.
10:11
That's a citizen risk. And honestly, this is because we estimated it very little amount of ram,
10:16
so just be aware of that.
10:22
If we have the assets, you have a window, sits be slashed. Alison,
10:26
we have the and unbolt system.
10:31
You can sit name groups
10:35
to buy it and the lands
10:37
that were groups
10:37
into skins.
10:43
It also create reports on no alarms.
10:48
This is same pack tough events, et cetera,
10:52
since pretty easy,
10:54
pretty simple compared to other s. I am sze.
11:01
You can actually look at different alarms right now.
11:05
We don't have any
11:07
security events.
11:09
Yeah,
11:11
session close. So let's cloak into that and look further
11:13
and here you can see that it came from the center from this I p.
11:20
And it's an authentication event for a log out,
11:24
right? And it's a system log.
11:26
You just throw a lot of it letter here in the bottom, you have to actual payload of the event.
11:33
And this is really where the need a greedy gets into any. Yes, I am these type of events themselves. It's what you will be. You see things such as rash, Jax, if you wanna build custom data inputs into other applications
11:50
and this is where we're gonna leave all this aside, I am for now.
11:54
Once we get into
11:56
more alien bold itself, we'll look at the online demo and discussed the data in there.
12:03
So let's look out
12:05
into those a lesson. We're basically install o. S s. I am a free tool for s I am
12:15
when comparing to the complexity off installation between Ozen,
12:18
Splunk and Curator also goes straight in the middle between curator
12:24
and splints. Free version. It was not complex *** curator, but also took a load of it longer and have a little more configuration items to configure when compared to Splunk.
12:35
In our next lesson will actually go over and install Callie Lennox. Are pen testing and ethical hacking operating system into rpm's
12:46
hope to see you soon. Have a great day

Up Next

Building an InfoSec Lab

This course will guide you through the basics of incorporating several Information Security Engineering Tools in your home and/or lab. By building this lab you will be able to obtain corporate-level security within your home network, as well as a higher understanding of the capabilities and advantages these tools bring to your network.

Instructed By

Instructor Profile Image
Kevin Hernandez
Instructor