Chaotic Security Blog


  • After working with Security Onion, which is a type of SIEM, I was curious about vulnerability scanners as well. Wazuh is another free security-based SIEM. It also allows you to do a vulnerability scan of the system to see if there are endpoints on your network that are susceptible to certain types of vulnerabilities. This can aid you in making sure your systems are free from common security vulnerabilities. I managed to set it up to monitor my Ubuntu and Windows systems on my little home lab network.
  • Still working on a practice test for the CompTIA CySA+ exam. Starting to score pretty good on them so I should be ready for my test toward the end of this month. Just going to keep plugging away at them.

  • I have been working more with my VMware virtual machines. I managed to get Security Onion installed and let it run for a few days to see if it would produce any types of alerts from its default settings. It has a web-based dashboard, so I have been messing around with it. It does give a few alerts based on simple settings like login attempts, but since the virtual network is not really online there is not a lot for it to monitor. I did manage to get it working, which is good practice.
  • I am almost through reading the CySA+ book. As most of it was covered under the Security+ exam I passed a few months ago, I have decided to go ahead and schedule my CySA+ test for the end of next month. So mostly just practice tests from here on out.
  • Looking at one of the Cyberwox YT videos he mentioned a site that he had used in his training called Let’s Defend. It seems to be another security-based site for blue team learning. They have a free section that I plan on checking out. The more knowledge the better.

  • Reading through the CySA+ book I ordered. It is more centered around the work of a cybersecurity analyst than the broader material that the Security+ exam covers. Started working on some practice tests as well.
  • Going to try to get another cert by the end of this year so going to toss in on the CompTIA CySA+. I went ahead and ordered a study guide from Amazon for it so hopefully it will be a good one as Exam Cram doesn’t seem to have a book that covers it.
  • Continue the work on the home lab and look around for some SIEM products. Seems like there are quite a few out there like Splunk, CrowdStrike, and others. Seems like most of the big ones require company servers or really large fees for licensing. I did hear about one called Security Onion on one of my cybersecurity YT videos. It is free and open source so will give it a try and see if I can get it installed in VMware.
  • Working on a home lab!

    To try to help out with gaining more experience in the field I decided to try to build a home lab. Nothing really big right now but trying to start with some virtual machines, so I signed up for a trial version of VMware and have been installing Windows Server and Ubuntu on it to test things out. I want to try working with some SIEMs and see if I can get some monitoring set up.
  • Been working through some more lessons on TryHackMe. I still like the format of the lessons that they have, as they work reading about the various security processes and pair them with virtual machines that allow you to practice what you are learning along with it.

    Some of the questions are looking for very specific answers. As you learn in tech, there are almost always multiple ways to resolve a problem, but they seem to look for a specific answer worded the way they expect. So sometimes you can just do your best.