Posts

Install Gophish and Start Your Phishing Campaign

Install Gophish on Kali Linux and Start Your Phishing Campaign. Installing the Go programming language: # source ~/.bashrc # sudo apt install -y golang # sudo vim helloworld.go # go run helloworld.go # sudo vim ~/.bashrc Add the following paths to the end of the file: export GOPATH=/root/go-workspace export GOROOT=/usr/local/go PATH=$PATH:$GOROOT/bin/:$GOPATH/bin Installing gophish using pre-built binaries: Download the gophish installer and extract the contents of the zip file: # unzip gophish-v0.11.0-linux-64bit.zip -d /home/kali/Downloads/gophish Give gophish the necessary permissions to run without permission restrictions: # sudo chmod +x gophish Running gophish: # ./gophish Logging into gophish: Go to the admin server at https://127.0.0.1:3333. Setting up the gophish sending profile: New Sending Profile. Note: Create an application-specific password on Gmail. First, enable 2-step verification: Send Test Email Received the test em...

OpenSearch

I’m using OpenSearch to monitor AWS WAF logs. However, whenever I’m making a query, it says that “5 of 316 shards failed”. See the screenshot below for details of the error: The dashboard shows up successfully without any problem, but it’s kinda uncomfortable to see the persistent pop-ups of such an error. After posting this issue on the Reddit forum, I got some useful advice from the community: This is more like an Elasticsearch question than AWS. This might be a multi-index search and the mapping on one or more indexes has a number type instead of a date on the field I'm searching. Another insight is that it looks like it could be that 2/7/2021 index if I am searching an alias or a wildcard index. Check the mapping for the field you are trying to submit a date value for. Since I did not need the index in question, I opted to delete it: In Dev Tools in my OpenSearch (or in Kibana if you're using it), I entered the following command line: # DELETE /awswaf-2021-07-02 And then c...

How to install GVM/OpenVAS to scan vulnerabilities on Kali Linux?

First, you need to upgrade your Kali Linux environment. Before conducting an upgrade, it is recommended that you enter the following command so that the list of available packages and their versions is updated beforehand (without installing or upgrading any packages): # sudo apt-get update After that, install newer versions of the packages you have (as mentioned previously, because the lists have been updated, the package manager is aware of available updates for the software you have installed): # sudo apt full-upgrade -y Note: you can use the combo command "apt-get update && apt-get upgrade" to do both steps one after the other. After that, install gvm or openvas (openvas used to be the name for this scanning tool, and it was then changed to gvm. Currently, openvas refers to the scan engine. However, if you choose to install openvas, it will refer to gvm): # sudo apt install gvm Then, check the prerequisit...

How do I pass CompTIA Security+?

Is the CompTIA Security+ course necessary for security? This question is quite common, and my answer is: Definitely! Indeed, it is like a very fundamental certification for beginners who want to open the entry to the security field. I passed CompTIA Security+ on April 22, 2019 when I was working as a security governance specialist. This provided me with very basic knowledge of security, in terms of technical and non-technical aspects. You can view my badge on Credly: To renew my certification, I purchased "CertMaster CE for Security+ (Exam SY0-601)" because it was very easy for me to fulfill their requirements for continuing education units (CEUs) through only one activity. You just buy this course, mark each lesson complete, and then do the assessment test. If you pass 100% (you can try with as many attempts as you want), you will complete the goal. CompTIA will automatically recertify your certification afterwards. You get access to and then clic...

MITRE ATT&CK - Resource Development - Building Custom Tools

1. Local Enumeration - Architecture. The difference between reconnaissance and enumeration lies in the former being the act of scouting or exploring with the aim of gaining information. Enumeration, on the other hand, is the second phase, centered on obtaining information missed during the first phase, e.g. the versions of services or operating systems scanned on the target's machine. The architecture of the Linux operating system contains the following components: the Kernel, System Library, Hardware layer, System, and Shell utility. In terms of security, valuable information is contained within these components. Nonetheless, specific versions of the components are vulnerable to adversary threats. Enumerating the architecture is crucial in gaining information and using it to determine the machine environment. Create a bash script using gedit in o...

Parenting - A Diary of a Whole-hearted Father

Reference resources https://www.cdc.gov/parents/essentials/overview.html https://www.babycenter.com/ Important Milestones: Your Baby By Four Years | CDC Apps for tracking milestones CDC's Milestone Tracker: Download it free today on iOS and Android: https://www.cdc.gov/ncbddd/actearly/milestones-app.html Babycenter Naturally use "parentese" to – a way of speaking to babies in simplified sentences and phrases with a high-pitched voice. Choose colourful, sturdy books for babies. How to hold a crying baby: link https://www.babycenter.com/baby-products/toys-and-learning/best-baby-books_40007666 07 May 2022 This morning, when my son woke up, he cried and persistently yelled at me to force me to lie down on the bed with him. I had no choice but to listen to him although I want to train him how to wake up or get back to sleep by himself. In the afternoon, we went to the bookstore so that he can wind down and hopefully behave ge...

[LINUX] - SECURING LINUX SYSTEMS

TOPIC A: IMPLEMENT CYBERSECURITY BEST PRACTICES A chroot jail is a technique of controlling what a process (a user, for example) can access on a file system by changing the root directory of that process's environment. Encryption is a cryptographic technique that converts data from plaintext into coded, or ciphertext, form. Decryption is the companion technique that converts ciphertext back to plaintext. LUKS: Linux Unified Key Setup is a platform-independent FDE solution that is commonly used to encrypt storage devices in a Linux environment. The cryptsetup command is used as a front-end to LUKS and dm-crypt. SYNTAX The syntax of the cryptsetup command is cryptsetup [options] {actions} [action arguments] Hashing is a process or function that transforms plaintext input into an indecipherable fixed-length output and ensures this process cannot be feasibly reversed. The resulting output of the hashing process is called a hash, hash value, or message digest. TOPIC B: IMPLEMENT IAM M...