An unofficial addon Ubuntu server for the DetectionLab project.
DetectionLab is a great cyber security testing lab by Chris Long.
Comprising 3 Windows hosts and an Ubuntu (SIEM) logging host, the lab is a quick way to test the preinstalled security projects. DetectionLab uses Vagrant to build the custom virtual machines. Expanding the lab for custom scenarios is very beneficial.
Here's why:
- Save time
- Play with Open Source Security Tools and Systems
- Learn
Use these configuration files and the Vagrantfile as a template for spinning up additional Ubuntu or other Linux-based hosts. The host will have osquery and ossec both pre-installed and reporting to the Logger host in the Lab network.
The Vagrant configuration file is written specifically for VirtualBox and has been tested running on an Ubuntu 20.04 host. It will need modification to run on other hypervisors and operating systems.
- Clone the repo
    git clone https://github.com/hackertarget/DetectionLabUbuntuAddon.git
- Build the host with Vagrant
    test@vbox:~/DetectionLabUbuntuAddon/ $ vagrant up
- Check in the Fleet console that osquery for ubuntu200 has been enrolled
Use this configuration as a template for other hosts and Vagrant builds you would like to add to your DetectionLab network.
Distributed under the MIT License. See LICENSE for more information.
Peter - https://hackertarget.com