Sunday, March 20, 2016

Call For Speakers Malaysia Open Source Conference 2016 MOSC MY


The call for speakers is open to all individuals, organizations, universities, companies and government agencies who wish to present on case studies, development, implementation or applications. The presentation paper or slides must follow a knowledge-sharing concept and must not contain marketing materials that promote a particular product or company.


MOSC MY 2016 : http://www.mosc.my

Call For Speakers form : http://goo.gl/forms/BiWQIn2bD8

Over the years, Malaysia Open Source Conference, or MOSC MY, has brought together thousands of participants, from CEOs and leaders to vendors, consultants, associations and regulators, from around Malaysia and the world to address mutual challenges and share information on Open Source Software.

With "A New Beginning" as the theme for 2016, we are addressing the main technology focus and trends for most consumers.

MOSC MY 2016 is set to explore Open Source software and technology at the Enterprise level, and to promote the development of local Open Source solutions for Enterprise environments to be used worldwide.

Date : 25-27 May 2016 (Wednesday Till Friday)
Time : 9am till 5pm
Venue : Faculty of Information Science & Technology, Universiti Kebangsaan Malaysia, Bangi, Selangor.




Tuesday, February 09, 2016

Install Oinkmaster For Suricata IDS / IPS / Network Security Monitoring Software

I'm using Suricata IDS / IPS / network security monitoring software and logging its alerts to syslog. Once the alerts are in syslog, they can be processed later by Logstash, stored in Elasticsearch and viewed in Kibana. I'm using Ubuntu Linux Server 14.04 LTS for this setup.

Simple guide :-

1) Install suricata and oinkmaster

apt-get update
apt-get install suricata oinkmaster

 * suricata disabled, please adjust the configuration to your needs
 * and then set RUN to 'yes' in /etc/default/suricata to enable it.

2) Download rules

2.1) Create directory

mkdir /etc/suricata/rules


Edit /etc/oinkmaster.conf using vi or pico and add this line.

url = http://rules.emergingthreats.net/open/suricata/emerging.rules.tar.gz


Save the file and run a test.

oinkmaster -C /etc/oinkmaster.conf -o /etc/suricata/rules


Check the directory /etc/suricata/rules; all the rules should have been downloaded there.


3) Create a cron file into /etc/cron.d named oinkmaster

pico /etc/cron.d/oinkmaster

Add this content. Entries in /etc/cron.d need a user field after the schedule; root is used here.

0 2 * * * root /usr/sbin/oinkmaster -C /etc/oinkmaster.conf -o /etc/suricata/rules


4) Edit /etc/suricata/suricata-debian.yaml


# Configure the type of alert (and other) logging you would like.

  # a line based alerts log similar to fast.log into syslog
  - syslog:
      enabled: yes
      # reported identity to syslog. If ommited the program name (usually
      # suricata) will be used.
      #identity: "suricata"
      facility: local5
      #level: Info ## possible levels: Emergency, Alert, Critical,
                   ## Error, Warning, Notice, Info, Debug

logging:

  - syslog:
      enabled: yes
      facility: local5
      format: "[%i] <%d> -- "

# Set the default rule path here to search for the files.
# if not set, it will look at the current working dir
default-rule-path: /etc/suricata/rules
rule-files:

classification-file: /etc/suricata/rules/classification.config
reference-config-file: /etc/suricata/rules/reference.config
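
Added example, not part of the original post: the rule-files: key in the step 4 excerpt has no entries, and Suricata loads only the rule files listed under it. This shell sketch checks that the Oinkmaster run left usable files in /etc/suricata/rules and prints a rule-files: block to paste into suricata-debian.yaml; the function names and the --check argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: sanity checks for the rules directory used in this guide.
RULES_DIR="${RULES_DIR:-/etc/suricata/rules}"   # path from step 2.1

# Count enabled rule lines in one file (commented-out rules start with '#').
count_active_rules() {
    grep -Ec '^[[:space:]]*(alert|drop|reject|pass)[[:space:]]' "$1" || true
}

# Print a rule-files: block naming every .rules file with an enabled rule.
emit_rule_files() {
    echo "rule-files:"
    for ef in "$1"/*.rules; do
        [ -f "$ef" ] || continue
        if [ "$(count_active_rules "$ef")" -gt 0 ]; then
            echo " - $(basename "$ef")"
        fi
    done
}

# Check that the directory holds what suricata-debian.yaml points at.
# Prints one line per problem; returns 0 only when nothing is wrong.
check_rules_dir() {
    problems=0
    total=0
    for req in classification.config reference.config; do
        if [ ! -s "$1/$req" ]; then
            echo "missing or empty: $1/$req"
            problems=$((problems + 1))
        fi
    done
    for rf in "$1"/*.rules; do
        [ -f "$rf" ] || continue
        total=$((total + $(count_active_rules "$rf")))
    done
    if [ "$total" -eq 0 ]; then
        echo "no enabled rules found in $1"
        problems=$((problems + 1))
    fi
    [ "$problems" -eq 0 ]
}

# Run as: sh check-rules.sh --check   (hypothetical script name)
if [ "${1:-}" = "--check" ]; then
    check_rules_dir "$RULES_DIR" || exit 1
    emit_rule_files "$RULES_DIR"
fi
```

After pasting the printed block, suricata -T -c /etc/suricata/suricata-debian.yaml tests the configuration before the service is restarted.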


Further reading :-

https://web.nsrc.org/workshops/2015/pacnog17-ws/raw-attachment/wiki/Track2Agenda/ex-suricata-rules.htm

https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Rule_Management_with_Oinkmaster

Sunday, December 20, 2015

Docker Installation Tips for Ubuntu Linux Server

1) Installing Ubuntu Linux Server. These notes are for Ubuntu Linux Server 14.04 LTS.


During installation, at the second step after choosing the language, press the F4 key. This gives you a choice of installation mode.

Choose minimal system if you are installing on hardware, and minimal virtual machine if you are installing in a virtual machine (VM) such as VMware, VirtualBox or Proxmox.



2) Basic installation for security. I install Fail2ban and UFW for initial protection.

apt-get install fail2ban ufw

For the ufw configuration

ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp
ufw enable
ufw status
ufw default deny

At the ufw status command, first make sure that the SSH port (22/tcp) is open. Fail2ban will protect against brute force. It is important to protect the server with a strong password and a username that is hard to guess.

Don't forget, during the installation later, to allow the ports related to Docker and forwarding. Read the whole manual.


3) Installing Docker

The appropriate way to install is to follow the notes provided by Docker themselves at


An important step before installing Docker: update the kernel with apt-get dist-upgrade and reboot the server.

4) I use unbound as a DNS cache on the host server. Make sure its DNS configuration has been done. Refer to /etc/resolv.conf

apt-get install unbound

Next: Docker Rancher.


Harisfazillah Jamel / LinuxMalaysia

Lean & Mean

20 Dec 2015

ps -ef | grep docker
