Category Archives: Security

Suricata and fail2ban

Posted on March 23, 2023 by blogger

In case you want to ban IP addresses based on Suricata fast.log, here is the filter you need: In the jail configuration, I suggest you change the default blocktype from REJECT to DROP. Edit 2023-03-24: you may want to use … Continue reading →

Posted in Computer, Linux, Networking, Security, Ubuntu | Leave a comment

Fortigate: SAML authentication in firewall policy with Keycloak

Posted on October 6, 2022 by blogger

First, create a new Single Sign-On authentication under User & Authentication. As of version 7.0.6, the GUI does not specify ports and does not let you change them either. To work around this, use the CLI. Default ports used by … Continue reading →

Posted in Networking, Security, Uncategorized | Leave a comment

Elasticsearch in Docker: threat intelligence with filebeat

Posted on January 23, 2022 by blogger

Goals: collect observables from supported feeds collect observables from unsupported feeds with elastic-tip

Posted in Computer, Docker, Linux, Networking, Security | Tagged docker, elastic, filebeat, ioc, kibana, monitoring, security, threatintelligence | Leave a comment

Category Archives: Security

Suricata and fail2ban

Fortigate: SAML authentication in firewall policy with Keycloak

Elasticsearch in Docker: threat intelligence with filebeat

Archives

Meta