Category Archives: Security

Suricata and fail2ban

In case you want to ban IP addresses based on Suricata fast.log, here is the filter you need: In the jail configuration, I suggest you change the default blocktype from REJECT to DROP. Edit 2023-03-24: you may want to use …

Posted in Computer, Linux, Networking, Security, Ubuntu

Fortigate: SAML authentication in firewall policy with Keycloak

First, create a new Single Sign-On authentication under User & Authentication. As of version 7.0.6, the GUI does not specify ports and does not let you change them either. To work around this, use the CLI. Default ports used by …

Posted in Networking, Security, Uncategorized

Elasticsearch in Docker: threat intelligence with filebeat

Goals: collect observables from supported feeds; collect observables from unsupported feeds with elastic-tip

Posted in Computer, Docker, Linux, Networking, Security