Table of Contents
Preface
Part 1: Threat Detection
Chapter 1: Intrusion Detection System (IDS) Using Wazuh
What is an IDS?
Types of IDS
What is Suricata?
How organizations use Suricata as an IDS
Getting started with Wazuh and Suricata
The core components of Wazuh
Wazuh modules
Wazuh Administration
Installing the Wazuh server
Installing Wazuh agent
Installing Suricata on Ubuntu Server
Understanding Suricata rules
Suricata rule syntax
Network scanning probe attack and detection
Testing web-based attacks using DVWA
Lab setup
Setting up the victim server with DVWA
Test an SQL Injection attack
Test a reflected XSS attack
Testing NIDS with tmNIDS
Lab setup
Installing tmNIDS on Ubuntu Server
Testing for a malicious User-Agent
Testing for Tor connection
Testing ...