Time
1 hour 37 minutes
Difficulty
Intermediate
CEU/CPE
2

Video Transcription

00:00
Hello. My name is Isaac. Welcome to Linux Security.
00:04
Now, let's go to the
00:06
Kali Linux
00:08
virtual environment
00:11
so that we can send the TCP
00:14
logs
00:15
to our Splunk.
00:18
So here we click
00:20
on the Kali
00:22
to access the accounts.
00:27
We're typing the root username,
00:31
login,
00:33
type in the password. The default password for Kali Linux is T o R. That's the reverse of
00:41
root.
00:44
Oh, identification failure; I typed the password wrongly.
00:49
Let's just do that again
00:55
out there.
00:58
Root,
01:00
R O T there.
01:02
log in. Password is
01:06
R O T
01:07
Blufgan.
01:10
Okay, so our login is successful now.
01:14
Now the Kali Linux environment:
01:18
here we have a slogan from Kali Linux.
01:22
The quieter you become, the more you are able to hear.
01:27
That's great.
01:30
Okay, so the next thing we're going to do, we're going to log into the computer, my computer here, and go to the file system
01:38
so that we can access
01:41
our rsyslog configuration file.
01:44
So you click on the file system.
01:56
Good. So now we go to the etc folder,
01:59
select it and scroll down to search for the
02:02
rsyslog file
02:05
script so that we can edit it
02:14
to give us the results of the TCP
02:17
logs that we're looking out for.
02:22
So click here.
02:24
Okay, so we have the script open,
02:28
so we're going to edit it now.
02:31
Just go to the bottom of the script here.
02:37
Let's scroll this down.
03:13
Okay, so at the bottom here, we're going to edit it.
03:15
We're going to edit this
03:20
script here.
03:23
Console his last statement. Here's a press enter.
03:27
Okay? So I'm just going to type in all the
03:30
all the scripts that
03:34
has come in together with this lab environment
03:38
before we save it
03:40
and upload it.
05:17
So when we're done
05:19
typing this script here,
05:21
the
05:24
Kali Linux bash
05:26
will run this script
05:29
and send the
05:30
TCP/IP logs
05:33
into our Splunk environment.
07:59
Okay, so I'm typing this asterisk dot asterisk here
08:03
to find
08:05
off our name types with all file extensions
08:09
and
08:11
coming from this particular IP address
08:24
and also from the sports club port number.
08:33
All right.
08:58
And so with all this done now, we can save our file, our script file.
09:05
Once saved, we can
09:07
go ahead and restart the Kali Linux
09:13
environment.
09:22
Just want to ensure it's saved now.
09:56
All right, so we go to root here
10:01
and try to log out.
10:03
Restart this
10:05
Kali Linux
10:09
environment, so click Shut Down here,
10:13
click on Restart.
10:16
The Kali Linux environment is going to start in a few minutes.
11:20
Okay, so we can now log back into the
11:24
Kali Linux virtual lab
11:28
environment.
11:50
Okay, so now we want to send
11:54
the logging message to our Splunk environment.
11:58
So we look for the command prompt here,
12:03
and we're going to type in.
12:05
It's logging, honesty
12:07
test.
12:16
And so this message that we're
12:18
outputting to our
12:22
Splunk
12:24
events.
12:31
So that's it.
12:33
This is a test of Splunk 40
12:37
Hit Enter.
12:46
All right,
12:48
So now we can go back to our
12:50
Splunk
12:52
window, which has been running all this while
12:56
so that we can see the
12:58
logs that have been captured automatically
13:03
from this, our Kali Linux
13:05
virtual machine.
13:09
So we go back here.
13:13
So
13:13
I did.
13:15
I can see
13:16
and start searching.
13:18
So the search field now
13:26
we can now type in.
13:28
our search criteria.
13:43
So we type in: This is a test
13:50
and click Search.
13:56
And so there we are
13:58
against the one
14:01
event here
14:03
that has been received from our
14:05
host, the Kali Linux lab environment.
14:09
We can see the source, which is TCP
14:13
20,000 here, and source type, which is syslog.
14:16
We can see our
14:20
message which we typed there, which is: This is a test of Splunk 40.
14:24
So we've successfully received
14:26
this TCP
14:28
logging from
14:31
the Kali Linux environment into our Splunk environment.

Linux Fundamentals for Security Practitioners

Linux Fundamentals for Security Practitioners provides an overview on how to properly configure a Linux OS to provide a secure computing environment for end users. We'll cover a combination of materials, focusing on Linux architecture, permissions, commands, directories, and shells to achieve a hardened Linux operating system configuration.

Instructed By

Isaac Bewarang
System Administrator at Plateau State University
Instructor