Oh what I completely forgot this one 🙈🙈 sry

@@christianlempathis advanced settings section I’m in here to change to dark mode is SO vast. Wow. You could do multiple videos on Wazuh. This tool is so powerful. I’m trying to integrate it with the clamav install on my Raspberry Pi. This is where very cool videos could be made IMHO. On the integrations and auto remediation capabilities.

@@christianlempa All good, just joking :) Good topic/platform - love to see it & looking forward to the stack evolution ^^

Thank you! :)

​Hi@@gardnerjp1- I have spent several hours of my extremely limited free time trying to get both Traefik and Wazuh up and running in my lab with no success despite there being countless guides and resources available. I'm sure it is a simple proficiency issue hence my compliments to Christian on making it look so easy. Ultimately, it's software I'd like to explore but doesn't seem packaged appropriately for people who don't have more highly skilled experience in IT. I'm sorry you felt that my comment was cause to hurl unwarranted verbal abuse my way. I hope you eventually have more going for you in life so that you don't need to turn to negative interaction on the internet to satisfy some need for socialization.

Love and peace guys! :D I know both technologies are targeted at intermediate/advanced level, so take your time, I also needed a lot of time to get through understanding traefik :P

The commentary by @ilovestitch shows how complicated IT security is today. If you don't have the confidence, you should leave it alone. There are users who only need the Home Lab to listen to music and watch videos. That's fine with me. Nobody is perfect.

@@gardnerjp1 calm down. Everybody starts somewhere. @ilovestitch may be just getting into this and it takes years of experience to be able to get to this level. Man, I hate how toxic IT can be sometimes. How about let's not be stuck up gatekeepers and instead try teaching and encouraging. smh. BTW I'm a cloud engineer and at the advanced level and I still wouldn't treat a stranger like this.

@@willisiswillis As a DEV and regular code contributor to Traefik, I see all types. The only thing I find obtuse in this is thread is the attack on the software and all the people who don't use it who are making excuses for the attacker. It's like monkeys in a barrel, climbing over each other to win an argument about a solution they don't even understand! Laughable really

Exactly! They missed a great opportunity here.

Shorty: Whatchya doin' son? Killer: Nothin.. Just chillin.. Killin.. Shorty: True true..

True.. True.

nice! :D

So cool, thank you! Glad it was helpful

Don't worry, Wazuh is kinda difficult and weird to set up, start with something easier. For example, my Docker Series on Patreon, or videos like Dockge are good for beginners.

It wouldn't be honest to make a comparison with a software from a company I'm affiliated with, but I hope to make more follow-up videos on Wazuh and dive into the technology and configuration, to learn more about how these tools work.

@@christianlempa I understand your point, but as long as you declare your conflicts of interest I don't see any problem, it would be illusory to demand a totally objective judgement. Even when there is no affiliation, we still have personal preferences, and objective benchmarks are a bit sad I find, I prefer to form my opinion on arguments and critics.

@@Gnanmankoudji I suspect Christian is politely indicating that comparing his company affiliation product vs a competitor may not be a great career move for him. I understand his desire to remain objective.

@@phillippeerman2296 It's possible I don't know, but I don't think Wazuh could be a business competitor to Sophos, Fortinet, etc because most companies wants compliance, insurances, support, not "free" security. For a homelab and my general culture, on the other hand, I'm very interested in this kind of comparative.

Thanks! Let me know how it's working for you

Thanks, that's when you always work to the limit, I'm sorry 🙈

@@christianlempa Don't worry, it's super minor, doesn't take away from the video at all :D

🤣, once I reviewed some of the CVEs, the main problem seemed to be Ubuntu LTS with missing ESM, that would fix a bunch of them as well as upgrading to newer LTS versions. But as you said, nothing is facing external networks so technically it doesn’t matter really.

*sudo dist-upgrade if Proxmox

Thanks! Maybe, I'll have to look into that

I just deployed 4.8.1 this month and upgraded to 4.8.2 without issues

That's a great idea!

Thank you! That's a good idea, but maybe for somewhere next year :)

No idea, I haven't looked into compliance a lot

:D

Haha nice :D

If I cared about compliance, I'd prefer GDPR ;)

Thank you! :)

Thank you so much! :) Yes it is the server address, in my case it's the same, but yeah you're right

Awesome! :D No, I'm using a local authoritative DNS server that resolves the "home" zone of my public domain "clcreative.de" to my local servers. Then I'm using Traefik with cloudflare DNS challenge to issue trusted TLS certs for that domain.

Thank you :)

Thank you so much! :) I've not tested anything regarding openscap, so no idea unfortunately

@@christianlempa for what I have seen OpenSCAP seems to be disabled from the 3.9 release onward. I tried (only for an hour) to get the wodle from github with the phyton scripts to be enabled but failes. So I have a steep learning curve to go and solve 😅. Thanks again for your content and tremendous time and effort you spend in educating us. 🙏🏻

I only installed it on the VMs, not the HyperV, but that probably should be done as well

Thanks, the docker compose layout mainly comes from the Wazuh files, but I'm open for suggestions! Maybe we should upload it to my boilerplates repo and take care of this

Thank you! :)

How did you figure it out?

@@niko7915 github issues

@@niko7915 I've seen wrong results on my machines and found a bug report explaining the problem.

Damn, I randomly assign a different locale to every machine on my network, just to keep myself sharp.

​@@espressomatic it turns out that 4.8x still has bugs that were not in previous versions (((And I just thought about updating version 4.7.5.

Nice! That's exactly how I want these Ads to integrate into useful content :) Thank you for the feedback

Lucky you. Go back to sleep.

the repository had to be copied to the host first so that the certs.yml is already present, after that it works

Oh nice, glad you sorted it out! Thanks for the feedback :)

I think you can start with this video, and I'm gonna release more videos about protective cybersecurity :)

Sounds like a good idea to me :) If the MS-01 would have a rack mount I probably would use it too

@@christianlempa Yeah, i'm currently looking to buy the DeskPi RackMate. I think it will fit nicely.

M720q and m920q tinys have 3d printable rack mounts

Already planned! THank you :D

Getting this to work behind Traefik would be wonderful. I'd like to see this is as well! I've been trying to configure wazuh to work with my domain on traefik rather than just the ip address with limited success.

Warp 🥳

Thank you so much! :D Wazuh doesn't care which proxy is in front of it, could be anything like Caddy as well.

I haven't looked into that, yet.

From my understanding and what I’ve seen so far it would be complementary. However I haven’t seen a way to integrate them, maybe that would be interesting too

That's still on my list, but honestly not so high on the priority, so probably not in the near future :/ I'm sorry

@@christianlempa I am struggling through it!

It is! :D

Don't worry, you don't have to use all of the features, I agree it is overwhelming. But maybe start with the config assessment, this should be good for beginners as well

Start by disabling the CIS hardening checks. This will remove a bunch of noise. Cycle back when you are ready to setup configuration management for each OS type to satisfy CIS hardening standards

It might be, but I only have experience with in my HomeLab :)

Thank you! Maybe that's gonna be part of my follow-up configuration best-practices video

It is! :D

As the agent needs access to the system I think it's much easier to do it without docker

Oh yeah! :D

Thank you 😊

I don't think so, since Wazuh is already so much work :D but well... I never say never

Sophos XDR is a more managed complete solution for businesses that comes with many useful features. Wazuh is the open-source tool that helps you building a service like this yourself.

Thank you :D However, it's gonna be hard to make this, as my channel doesn't focus too heavily on security. I want to focus on a few tools that I like most and then make follow-up tutorials for those.

@@christianlempa That makes sense. Your videos seem to incorporate security naturally while you're setting things up, which is great, so keep up the great work :)

Can you suggest some UEM/MDM open source solutions?

Ich habe mich tatsächlich nicht viel mit LXC beschäftigt, da ich Docker für die bessere Technologie halte, wenn es um Container geht, aber sicherlich wäre das mit LXC genau so möglich gewesen.

There is a dark mode existing, I just didn't find it at first 🙈

@@christianlempa 👍🏻good

+1 :D

Keep in mind, in HomeLab it's never about what you need, but more about what you're interested in playing around with.

That's a completely different story, by the way, Crowdstrike wasn't hacked, they messed up something in their update procedure.

Read on the Wazuh website (Blog) how Wazuh avoids similar risk.