Sunday, January 13, 2019

How to install Graylog on Ubuntu 18.04.1 LTS?

1. Graylog2 is a powerful log management and analysis tool with many use cases, from monitoring SSH logins and unusual activity to debugging applications. It is based on Elasticsearch, Java, MongoDB, and Scala. The installation is not exactly simple, since several applications have to be integrated, including Elasticsearch, Java, MongoDB, and Scala. But with a few steps and small modifications to the default configuration files, it can be brought up with ease.

2. Below are the terminal commands, with screenshots, to get it running.

First, the specs of the system that I am installing Graylog on are as below:

Then we move to the root terminal, from where all the installation commands will be executed.

$ apt update && apt upgrade

Next we install the JDK module:

$ apt install apt-transport-https uuid-runtime pwgen openjdk-8-jre-headless

This is followed by installing Elasticsearch:

$ wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add -

$ echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-5.x.list

Next we install Elasticsearch:

$ apt update && apt install elasticsearch

This is followed by enabling and starting the service:

$ systemctl enable elasticsearch
$ systemctl start elasticsearch

Set cluster.name to graylog in the Elasticsearch configuration file, then add these lines at the end of the file:

script.inline: false
script.indexed: false
script.file: false

Then restart Elasticsearch:

$ systemctl restart elasticsearch
 
Now import the MongoDB repository signing key:

$ apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 2930ADAE8CAF5059EE73BB4B58712A2291FA4AD5

Then add the MongoDB repository:

$ echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.6 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.6.list

Install MongoDB, then start and enable the service:

$ apt update && apt install mongodb-org

$ systemctl start mongod
$ systemctl enable mongod

Next we add the Graylog repository and install the server:

$ wget https://packages.graylog2.org/repo/packages/graylog-2.5-repository_latest.deb
$ dpkg -i graylog-2.5-repository_latest.deb
$ apt-get update
$ apt-get install graylog-server
 

After the installation of the Graylog package is finished, we need to edit the configuration file to set our password in it. We generate the values for it with the pwgen and sha256sum commands:

$ pwgen -N 1 -s 96
$ echo -n your_password | sha256sum

We place the output generated above in the conf file, as seen below:
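
As an added example (not from the original post or from Graylog), the helpers below generate the two values and write them into the configuration file without the password landing in shell history. It assumes the file is /etc/graylog/server/server.conf and that the values go into Graylog's password_secret and root_password_sha2 settings; the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example, not Graylog's own tooling. Helper names are hypothetical.

# 96-character random secret, the same shape as `pwgen -N 1 -s 96`.
gen_secret() {
    if command -v pwgen >/dev/null 2>&1; then
        pwgen -N 1 -s 96
    else
        LC_ALL=C tr -dc 'A-Za-z0-9' </dev/urandom | head -c 96; echo
    fi
}

# SHA-256 hex digest of the password read from stdin. The trailing newline
# is not hashed (same result as `echo -n`), and the password never appears
# in argv or shell history.
hash_password() {
    local pw
    IFS= read -r pw || :
    printf '%s' "$pw" | sha256sum | cut -d' ' -f1
}

# Set "key = value" in a conf file: replace the existing line or append one.
# Values here are alphanumeric, so '|' is a safe sed delimiter.
set_conf_key() {
    local file="$1" key="$2" value="$3" tmp
    tmp=$(mktemp)
    if grep -q "^${key}[[:space:]]*=" "$file"; then
        sed "s|^${key}[[:space:]]*=.*|${key} = ${value}|" "$file" >"$tmp"
    else
        cat "$file" >"$tmp"
        printf '%s = %s\n' "$key" "$value" >>"$tmp"
    fi
    cat "$tmp" >"$file"   # overwrite in place to keep owner and mode
    rm -f "$tmp"
}

# Usage from the root shell (prompt is not echoed):
#   conf=/etc/graylog/server/server.conf
#   read -rs -p 'Admin password: ' pw; echo
#   set_conf_key "$conf" password_secret "$(gen_secret)"
#   set_conf_key "$conf" root_password_sha2 "$(printf '%s\n' "$pw" | hash_password)"
#   unset pw
```

The stored hash is an unsalted SHA-256, so the admin password itself should be long and random, and the conf file should stay readable only by root and the graylog service user.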





Mayan EDMS : Opensource Document Management System : Installation UBUNTU

1. Mayan EDMS is a web-based free/libre document management system for managing documents within an organization, and all functionality is available in its free public version. Mayan EDMS is an electronic vault for your documents. It has advanced search and categorization capabilities that help reduce the time needed to find the information anyone needs. It is free and open source and integrates with existing equipment, which means low to no initial investment and an even lower total cost of ownership; reducing operational costs has never been this easy.

2. This post gives a screenshot reference for installation on an Ubuntu machine. The installation is simple and self-explanatory. The list of commands involved is also mentioned below:

Saturday, November 17, 2018

BLOCKCHAIN TECHNOLOGY OVERVIEW & CRYPTOCURRENCY CRIMES: CBI ACADEMY

Sharing this presentation here in this post; it gives an exhaustive overview of Blockchain technology and emerging cryptocurrency crimes. The presentation was given by me at CBI Academy on 16 Nov 18:

Sunday, September 09, 2018

Aadhaar on Blockchain : Consider or not? - Post 1/2

[This post introduces Aadhaar, its size and the current way of handling its data sets, discusses its problems, and then proposes Blockchain as a solution]

1. When Aadhaar was originally introduced around 2009-10 by the Unique Identification Authority of India (UIDAI), it would not have envisaged the kind of data juggling, analytics and security threats it would be subjected to in times to come. And here we are around the third quarter of 2018, wherein Aadhaar is central to so many authentications in the country, being exploited in so many public utility services and at the same time being subjected to all kinds of threats and claims of data theft and leaks. For the record, it is estimated that around 1.2 billion citizens' records are held in the CENTRAL servers, which thus form the world's largest biometric identity repository. UIDAI claims that it is protected by layers of state-of-the-art cryptography in central servers located in the country.

2. Now in the world of IT, wherein claiming to be 100% secure is likely to remain a myth for ages ahead, can something un-hackable really exist on this earth? We may harden something, we may add layers of security, we may apply every possible hard encryption on this earth, but can we imagine a fool-proof IT domain anywhere? The question attains severe importance when a biometric data repository of a country's 1.2 billion plus population is at stake.

3. Now what do we have on the platter here? If we consider the size of the data, we can make the following assumptions:

(a) Per person biometric data size: 4-6 MB (I take the maximum)

(b) Approx data populated for: around 1.25 billion plus, i.e. a count of 1,250,000,000

Total data, that is to say, 6 MB x 1,250,000,000 = 7,500,000,000 MB, i.e. around 7.5 petabytes. That's it. Extrapolate the same with on-site backups, mirrors and disaster recovery sites, and we may just be discussing around 20 PB of data.

Even if we consider augmenting the data with the remaining population and generations ahead, we will be at most around 40-45 PB of data, enough to suffice for the next few decades. That's all from the point of view of scalability and size of data.

4. Now, for this amount of data, what are our security options in the present scenario?

Firstly, we keep doing permutations and combinations and applying layers of hard coded security to the central servers that we have at various locations, mirrored to each other. This presently includes the following: [SOURCE: http://www.cse.iitd.ernet.in/~suban/reports/aadhaar.pdf]

- 2048 bit PKI encryption of biometric data in transit. End-to-end encryption from enrollment/POS to CIDR.

- Trusted network carriers.

- Effective precaution against denial of service (DOS) attacks.

- HMAC (keyed-hash message authentication code) based tamper detection of PID (Personal Identity Data) blocks, which encapsulate biometric and other data at the field devices.

- Registration and authentication of AUAs.

- Within CIDR only a SHA-n hash of the Aadhaar number is stored.

- Audit trails are stored SHA-n encrypted, possibly also with HMAC based tamper detection.

- Only hashes of passwords and PINs are stored.

- Biometric data are stored in original form though.

- Authentication requests have unique session keys and HMAC.

- Protection against replay attacks.

- Resident data stored using 100 way sharding (vertical partitioning). First two digits of Aadhaar number are used as shard keys.

- All system accesses, including administration, through a hardware security module (HSM) which maintains an audit trail.

- All analytics carried out only on anonymized data.

From the IT guys' perspective, don't we actually know that the above are all individually knitted layers and tools of security, wherein we are creating a very complex network of solutions for ourselves, which might get even more complex to handle and manage in times to come with more severe security threats in the pipeline?

At the same time, all the above solutions and knit combinations are looking out and bracing for external threats, while we treat insider threats as negligible or take them for granted.

So do we have any other architecture ecosystem that turns the tables from the security and immutability point of view while OFFERING A MORE ROBUST, SECURE, IMMUTABLE AND TRANSPARENT ARCHITECTURE... can BLOCKCHAIN be a solution?

So, the above scenario discusses what we have on the platter and what we are actually doing to negate the threats. The next post will discuss how BLOCKCHAIN can assist in negating the security threats Aadhaar faces as on date.
