Good so far. An Nmap scan and everything logs correctly. I haven’t done many projects yet other than testing.

I’m currently playing with custom firewall rules and seeing if I can improve upon the defaults. So far I’m not seeing anything major.

Next I may just set up traffic between the server and Windows box for logging practice.

Discussion

awesome 🤙🏻🔥

nostr:npub1f6ugxyxkknket3kkdgu4k0fu74vmshawermkj8d06sz6jts9t4kslazcka ok question.

Opened up an SSH connection and successful login from Windows to server.

It registers on dashboard correctly and logged as low level 3 by rules.

Nice.

Next I am going to purposefully trigger higher 8-10 alarms with multiple incorrect logins, reverse lookups, etc.

After that I’m not sure what to look at. Any ideas on next steps of basic logging? Custom rules maybe?

check this out. it will get you going

https://piped.video/watch?v=3CaG2GI1kn0

He talks really fast. Makes me nervous

lol. that's networkchuck. he knows his stuff though, lots packed into a short video.

nmap 🫶