6 hours 28 minutes
Welcome back to the savory course in building. You're in for a sec lap. I'm your host and instructor Kevin Hernandes.
In our last lesson, we installed a free version off Splunk. One of the top. Yes, I am players out there in the market.
In today's lesson. We'll go over O s s. I am Oh, awesome. From animal
Company by AT and T It is also a tool that at this level it's free of charge and can use in your lab.
Now let's get started.
Let's go ahead. And it's Tello's.
So creating a machine
other. And there
I ask you to cp use sister giggsfirst
Give it 45 Storch and everything else
you just say,
make sure you pick the image disk. It's not loaded yet. So the school ahead and load it on the radio emissions. How low? T
Now, both, um, it's basically the free version off alien bolt
and we're only gonna show the quick installation. If anything, when we actually look into awesome, we're gonna look at the *** only half online for free and base. Aren't research be on that
the reason why I do this is because awesome in the *** well already has a lot of locks in it, and their first gonna have on provide us a better view on what it's needed in a real time environment, so to speak.
Another reason we're only gonna install This is first of all, our storages. You're getting relatively small at this time.
Olsen is to free variant of edible, and an involved itself offers a free *** online.
Therefore, we can utilize freedom in order to more familiarize with the products that are available out there. Now
you won't be able to use a free demo indefinitely, and it's only like cloud version.
Therefore, it's more so you can familiarize with how s I am, Sze work and most likely what will be provided to you, if you will by this part for your enterprise.
So select the image
and listen next
verify everything looks okay for two
45 lets it finish.
And there's those, um, let's go ahead and start the machine
and see how it goes.
There we go. You can start a system or a sensor. So that's the system itself.
Here we have the lynch was selector,
screw in English and hit.
For some reason, the keyboard amounts not properly
go in there.
and knowledge not detecting the hardware
in the city,
and it's installing its components looks a lot simpler than curator. To be honest so far,
the I P addresses unique to your computer and maybe for number supper by periods look accident ful if you don't know what to use your conciliate network administrator. Okay,
so let's assign an I P address for this.
We'll see which I p The P M has been a sign
you can see at this moment. No. Eight p address has been assigned.
Let's just give it a random one.
You feel for the best.
That's that's correct.
Gateway P is correct.
Let's see what happens to her
after the night. Worse configure, it will require you to put in some credentials.
Let's go ahead. Put some credentials in
Most continue with insulation.
It's like time so
sloping additional components are petitioning
I'm installing the system now
You don't go ahead and possibly your 1st 2nd?
No, we're about five
for eight minutes in
after we policy video and it's still the process. Installation
looks pretty much done, however.
We're not sure of that career. About 29% actually seem to have finished installing
D s. I am. You can see here interface I'd be So let's make sure we take a snip. It's not that
copy. Let's add it back to our sheets
at the name.
Let's see it.
let's let you.
And there, you know, it says to access the Web interface to go to that I p right.
So let's go ahead.
Let's go to that interface
one night to that once excited that one don't want to. Three.
So when I 2.168
Let's get a second.
Who wants your lug in? You're gonna get the traditional warning.
Let's give it a second fertile owed you got here. You'll start filling up information. Kevin past hurt
email. I'm gonna pulse toe Philip. The other information.
Once you complete an information to 1% of what admin page
and you're Logan.
So you're about to see at least reconfigure critical security capabilities. Very minimal one. Never monitor figure not wearing tutus and monitor network track for threats to discover assets. Olson will perform this curry scan to detect at six and three, collect locks and monitor assets. Monitor assets, Locks on alone. Suspicious Ex City. So let's go ahead. Let's start.
Let's see if it actually detects anything,
Okay, it didn't find her management interface,
So let's click next
and found a host
Okay, so let's can the network.
Well, let's skin there.
management interface until we can figure
the device properly. This might not work with the hits Next
Sting. For each ideas, it lets his next and skipped it.
Skip this temp
and ask if you want joining the exchange opened. Turn exchange. Let's skip it.
Let's explore it now
so you have a dash for it
with some information, right?
No authentication alerts, system
and excess. And this is a lot more info you're seeing now, versus you know
what we saw from curator and Splunk by default.
Now this is most likely information from the system itself, and we won't know until we actually get into the needy greedy of it. So let's just click on one. Let's see what happens,
it's in Here we go.
You see here a couple of events the risk and M bald session opens session clothes.
This this mostly
D This divides itself.
Figure a real time. We might be seen on a couple events
you ever take. You can see now out of memory.
That's a citizen risk. And honestly, this is because we estimated it very little amount of ram,
so just be aware of that.
If we have the assets, you have a window, sits be slashed. Alison,
we have the and unbolt system.
You can sit name groups
to buy it and the lands
that were groups
It also create reports on no alarms.
This is same pack tough events, et cetera,
since pretty easy,
pretty simple compared to other s. I am sze.
You can actually look at different alarms right now.
We don't have any
session close. So let's cloak into that and look further
and here you can see that it came from the center from this I p.
And it's an authentication event for a log out,
right? And it's a system log.
You just throw a lot of it letter here in the bottom, you have to actual payload of the event.
And this is really where the need a greedy gets into any. Yes, I am these type of events themselves. It's what you will be. You see things such as rash, Jax, if you wanna build custom data inputs into other applications
and this is where we're gonna leave all this aside, I am for now.
Once we get into
more alien bold itself, we'll look at the online demo and discussed the data in there.
So let's look out
into those a lesson. We're basically install o. S s. I am a free tool for s I am
when comparing to the complexity off installation between Ozen,
Splunk and Curator also goes straight in the middle between curator
and splints. Free version. It was not complex *** curator, but also took a load of it longer and have a little more configuration items to configure when compared to Splunk.
In our next lesson will actually go over and install Callie Lennox. Are pen testing and ethical hacking operating system into rpm's
hope to see you soon. Have a great day