Wazuh Open Source SIEM: XDR for Enterprise and Home Lab

Wazuh Open Source SIEM: XDR for Enterprise and Home Lab @wazuh #homelab #selfhosted #WazuhSIEM #OpenSourceSecurity #IntrusionDetection #WazuhFileIntegrity #SecurityAnalytics #VulnerabilityDetection #WazuhComplianceStandards #CloudSecurity #WazuhInstall

The cybersecurity landscape is evolving. Many commercial security platforms offer value, including SIEMs and others. However, an open-source solution called Wazuh stands out as a powerful open-source security platform, offering tools for threat detection, regulatory compliance, and much more. Let’s look at Wazuh and better understand its components and features that help everyone, from a chief…

View On WordPress

I think it is very cool how tech companies, schools, employers, and universities make it actively difficult to distance yourself from Google, Microsoft, and Apple.

Yes most Linux distros are very stable, way more secure, privacy friendly, and way more customizable. But every institution is built to make technological independence as difficult as possible.

Yelling on the internet that everyone should switch to Linux and FOSS really ignores how much of the technological world is designed to not let that happen.

Basic Linux Security (Updated 2025)

Install Unattended Upgrades and enable the "unattended-upgrades" service.

Install ClamAV and enable "clamav-freshclam" service.

Install and run Lynis to audit your OS.

Use the "last -20" command to see the last 20 users that have been on the system.

Install UFW and enable the service.

Check your repo sources (eg; /etc/apt/).

Check the /etc/passwd and /etc/shadow lists for any unusual accounts.

User the finger command to check on activity summaries.

Check /var/logs for unusual activity.

Use "ps -aux | grep TERM" or "ps -ef | grep TERM" to check for suspicious ongoing processes.

Check for failed sudo attempts with "grep "NOT in sudoers" /var/log/auth.log.

Check journalctl for system messages.

Check to make sure rsyslog is running with "sudo systemctl status rsyslog" (or "sudo service rsyslog status") and if it's not enable with "sudo systemctl enable rsyslog".

Perform an nmap scan on your machine/network.

Use netstat to check for unusual network activity.

Use various security apps to test you machine and network.

Change your config files for various services (ssh, apache2, etc) to non-standard configurations.

Disabled guest accounts.

Double up on ssh security by requiring both keys and passwords.

Check your package manager for any install suspicious apps (keyloggers, cleaners, etc).

Use Rootkit Scanners (chkrootkit, rkhunter).

Double SSH Security (Key + Password).

Disabled Guest Accounts.

Enabled Software Limiters (Fail2Ban, AppArmor).

Verify System Integrity via fsck.

Utilize ngrep/other networking apps to monitor traffic.

Utilize common honeypot software (endlessh).

Create new system-launch subroutines via crontab or shell scripts.

Ensure System Backups are Enabled (rsnapshot).

Check for suspicious kernel modules with "lsmod"

Glamrock Freddy, running through the Pizzaplex to reach Gregory: I abandoned my boy!

How to install NewPipe on Android

NewPipe is a YouTube replacement client for Android devices. It's open-source (meaning, you can see all of their code as you please), privacy-oriented, lightweight, and supports features that are normally locked behind a YouTube Premium paywall.

Disclaimer: I am not affiliated with NewPipe, YouTube, Android, Google, Alphabet Inc, or any other brand or name mentioned here. I made this guide to help my friends who were curious.

NewPipe's Website: https://newpipe.net/

The GitHub Repository

Step 0. Compatibility check

Make sure you're running an Android device! This won't work on an Apple device of any kind! Also, for those more tech-savvy among you, if you have the F-Droid store installed, you can download NewPipe straight from there!

Step 1. Downloading

Go to NewPipe's Github repo (repository, the codebase or where all of the code is stored). Scroll to the bottom of the page until you see "Releases". Click on the one that says "Latest" next to it in a little green bubble:

Your version number (v#...) will be different if you're reading this in the future! That's okay. Scroll past the changelog (unless you want to read it!) until you find "Assets":

Click on the first one, the one with the little cube ending in .apk. APK files are Android Package (Kit) and are the main format for downloading apps. Once you click on the link, it should begin downloading or your browser will ask you to confirm that you want to download this file. You should always verify the filename matches what you expect it to be (namely, the file format) before attempting to install! It might take a few moments for the file to download depending on your internet connection.

Step 2. Installation

Once you have the file downloaded, you can click the download popup in your notification bar or find the file in your device's file system. One of 2 things will happen:

You will get a popup asking if you want to install an APK by the name of NewPipe - confirm that you do (and make sure the app is really NewPipe!) and it will install automatically. You can then click "Open" to open the app and begin using it.

You will get a popup warning you that you have the ability to install apps from unknown sources disabled and that you can't install this. This is normal and does not mean that you downloaded the wrong thing.

If you got the first popup, continue past this step. For those of you who got the second, let's go over what this means.

By default, most Androids have this setting disabled. This is for security purposes, so you can't accidentally install a malicious app from the whole internet. If you enable this setting (allow installations from unknown/unsigned sources), you are theoretically putting yourself at risk. Realistically, you're probably fine. But, after installing NewPipe, you can always re-disable the setting if it makes you more comfortable. That will prevent you from installing updates in the future, but it can always be re-enabled.

Ready to turn that setting on? It will vary by your individual device! Some devices will take you directly to the page with the setting upon failed installation, and some you will just have to find it yourself using the searchbar in settings.

Once you've allowed installations from unknown sources (wording may vary slightly), try to repeat the steps above of clicking the download popup or finding the APK in your files and trying to install it. It should work correctly this time!

Step 3. Updating NewPipe

Like most apps, NewPipe is in development currently and frequently has new versions released to improve it and fix bugs. Unlike most apps, NewPipe needs to be manually updated, since we haven't downloaded through the Google Play store.

To update NewPipe, all you have to do is follow the above steps for installing the app, except that when you get the popup asking to install it, it will instead say "Update". That's it! NewPipe and Android handle the rest.

NewPipe also has popup notifications for when the app has a new update, so you don't have to worry about checking the GitHub for a new release. Just click on the "A new version is available" popup and it should take you directly to the webpage.

That's it! Enjoy browsing videos in peace without ads and with the ability to download and so much more. Pro tip: you can copy paste YouTube links into the NewPipe search bar to go directly to that video/playlist/channel.

Reminder to boycott GitHub

Linux Administration: The Complete Linux Bootcamp for 2024

This Linux Administration course covers every major topic, including using AI and Natural Language to administer Linux systems (ChatGPT & ShellGPT), all important Linux commands, the Linux Filesystem, File Permissions, Process Management, User Account Management, Software Management, Networking in Linux, System Administration, Bash Scripting, Containarizing Apps with Podman, Iptables/Netfilter Firewall, Linux Security and many more!

I’m constantly updating the course to be the most comprehensive, yet straightforward, Linux Administration course on the market!

This course IS NOT like any other Linux Administration course you can take online. At the end of this course, you will MASTER the key concepts and you will become an effective Linux System Engineer or Administrator.

This is a brand new Linux Administration course that is constantly updated to teach you the skills required for the future that comes.

The world is changing, constantly, and at a fast pace! The technology-driven future in which we’ll live is filled with promise but also challenges. Linux powers the servers of the Internet and by enrolling in this course you’ll power the essential Linux concepts and commands. This Linux Administration course is really different! You’ll learn what matters and get the skills to get ahead and gain an edge.

I keep seeing that post that’s like “everything should be open source, cars don’t weld the hoods shut so you can’t look at the engines” and while I get what the post is trying to say the metaphor always throws me bc cars def straight up have a bunch of embedded computer units in them w a lot of inaccessible source code

Proton Pass Review: Password Manager that Hides Your Email Address

Proton Pass Review: Password Manager that Hides Your Email Address @vexpert #vmwarecommunities #100daysofhomelab #homelab #ProtonPass #PasswordManager #EndToEndEncryption #HideMyEmailAliases #FreePasswordManager #ProtonServices #protonpasswordmanager

With identity theft and breached credentials all over the news, password managers have become necessary to help generate strong, unique passwords. Proton AG, a Swiss-based company revered for pioneering the world’s largest encrypted email service – Proton Mail, has introduced its take on a password manager solution. Known as Proton Pass, it brings an exciting blend of unique features, stringent…

View On WordPress

I created this with the intended purpose to document the jank stuff on my network and what goes on.

honestly I have more of a problem with companies stealing art from individual artists to advertise stuff, then not crediting or paying the creator. Still falls under "copyright infringement"...

... But when's the last time a billionaire went to jail for something that wouldn't cost literally millions and millions of dollars to hire lawyers for?

And how many people were sent to jail when Disney killed Jeffrey Piccolo's wife? (Most famous for "oh you can't sue us because you signed up for Disney+")

prison is fucked up regardless but the fact that you can do a prison sentence for copyright infringement is especially insane to me. you deserve to lose your autonomy because we might have potentially made money from that thing. i imagined you did a crime against me so now one day you'll have to hear your son ask his mother who you are.

ChatGPT’s o3 Model Found Remote Zeroday in Linux Kernel Code

OpenAI's o3 just uncovered a remote 0-day in the Linux kernel's SMB code—CVE-2025-37899. A patch has already been rolled out.

ChatGPT’s o3 Model Found Remote Zeroday in Linux Kernel Code

Archive Links: ais ia

As cyber threats grow in volume and sophistication, relying solely on internal defenses is no longer enough. OSINT adds an external perspective, helping organizations uncover blind spots and take proactive measures. Whether used for vulnerability scanning, threat monitoring, or investigative research, open-source intelligence can significantly enhance your cyber defense. By understanding how open source intelligence cyber security works and implementing it ethically, businesses can stay a step ahead in the ever-evolving digital threat landscape.

How to configure OpenWrt as Firewall for your home network and Guest Wifi and IPTables explained

Guest Wifi in your home network can easily be done with OpenWrt. How to configure OpenWrt as Firewall, how to build a firewall for your home network, How to make a Guest Wifi and a separate IOT Wifi and Firewall zone ? IPTables are explained in the middle part.