Introduction

Libellux: Up & Running provides documentation on how-to install open-source software from source. The focus is Zero Trust Network to enhance the security for existing applications or install tools to detect and prevent threats.

ko-fiopen in new window

Banner

DISCLAIMER

It is understood that this documentation, and any configurations may contain errors and are provided for education purposes only. The documentation, and any configurations are provided "as is" without warranty of any kind, whether express, implied, statutory, or otherwise.

Credits

RoleNames
Lead Authors:Fredrik Hilmersson @libelluxopen in new window
Contributors:Damir Kucic @dkucicopen in new window
Reviewers:Scott Shinn @atomicturtleopen in new window, Cornelius Kölbel @cornelinuxopen in new window, Adam Hilmersson @cnstaopen in new window, Björn Ricks @bjoernricksopen in new window
Supporters:HyperQubeopen in new window, Atomi Systemsopen in new window, Mullvad VPNopen in new window, JetBrainsopen in new window
Conventions
TypeConventionDescription
Environmentserver@ubuntuSuffix determine operating system
Server CLIserver@rockyCommands executed from server command-line
Client CLIclient@ubuntuCommands executed from client command-line
Server IP192.168.0.1Server IP address
Client IP192.168.0.2Client IP address
VPN server192.168.8.1WireGuard VPN server IP address
VPN client192.168.8.2WireGuard VPN client IP address

Table of contents

PART 1: ZERO TRUST NETWORK

PART 2: INTRUSTION DETECTION AND PREVENTION

PART 3: MONITORING AND MANAGEMENT

Feedback

Questionsopen in new window, commentsopen in new window, or problemsopen in new window regarding this service? Create an issue hereopen in new window or contact webmaster@libellux.com.

Road map

To follow the process and prioritization check out the project road mapopen in new window. Feel free to create a feature requestopen in new window if there's any documentation or software you would like us to cover.

Release notes

Libellux: Up and Running changelog (2.0.0) fredrik@libellux.com

Release Maintainers

Fredrik Hilmersson @libellux

Contributors on this release

Scott Shinn @atomicturtleopen in new window
Björn Ricks @bjoernricksopen in new window
Adam Hilmersson @cnstaopen in new window

Release notes

Special thanks on this release go out to:

This is a major release where we've upgraded the framework to VuePress Next (v2). So far we've updated all the sections under Intrusion Detection and Prevention to make it easier for readers to copy & paste segments. We also updated documentation for the latest version of the Greebone Vulnerability Manager (GVM) community edition. OSSEC has also be revisted and now cover source build on Rocky 8.4.

What's New:

Migration from VuePress v1.x to VuePress Next (v2.x) with PWA support
Greenbone Vulnerability Manager (GVM) revision 6. Latest GVM release (21.4.2) for Ubuntu 20.04 (Focal Fossa)
OSSEC Host Intrusion Detection System revision 2. Updated documentation for both Ubuntu 20.04 (Focal Fossa) and Rocky 8.4 (Green Obsidian)
WireGuard revision 2.
ClamAV Antivirus Server revision 2. Updated documentation for Ubuntu 20.04 (Focal Fossa) and how to build from source.
PSAD Intrusion Detection revision 2. Updated documentation for Ubuntu 20.04 (Focal Fossa).

General

Prior releases

Libellux: Up and Running changelog (1.1.0) fredrik@libellux.com

Release Maintainers

Fredrik Hilmersson @libelluxopen in new window

Contributors on this release

Cornelius Kölbel @cornelinuxopen in new window
Scott Shinn @atomicturtleopen in new window
Adam Hilmersson @cnstopen in new window

Release notes

Special thanks on this release go out to:

This is the first minor release of Libellux: Up and Running. Where we start combining the services to enhance the security in the Zero Trust Network. We added documentation how-to set up a virtual private network (VPN) using WireGuard. privacyIDEA will act as our central authentication server to both enforce two-factor authentication (using YubiKey 5 NFC) but also to apply an role-based access control (RBAC) approach. We also added a new section on how-to set up a server/client relationship with ClamAV Antivirus. Additionally we added the possiblity to comment using Gitalk.

What's New:

Two-factor authentiction w/ PrivacyIDEA FreeRADIUS plugin and YubiKey 5 NFC
Greenbone Vulnerability Manager (GVM) revision 5 w/ update for latest GVM release (21.04)
WireGuard Secure VPN Tunnel
ClamAV Antivirus Server
Scheduled jobs for GVM 21.04 to keep community feed up-to-date
Comments with Gitalk


Libellux: Up and Running changelog (1.0.1) fredrik@libellux.com

Release Maintainers

Fredrik Hilmersson @libelluxopen in new window

Contributors on this release

Scott Shinn @atomicturtleopen in new window
Adam Hilmersson @cnstaopen in new window

Release notes

The second release of Libellux: Up and Running mostly contain updates to already existing chapters. There is a few new additions to each chapter e.g. Agentless monitoring and Windows Server 2019 agent installation for OSSEC. The OpenVAS chapter has also been revised and updated with new features such as basic vulnerability scans to give a first hands-on experience. We've also completed the first revision for M/Monit System Monitoring.

What's New:

M/Monit System Monitoring (3.7.5) with Monit (5.27.0)
Agentless monitoring chapter to OSSEC Host Intrusion Detection (3.6.0)
Windows Server 2019 agent installation (OSSEC 3.6.0)
Basic authenticated and unauthenticated scan to OpenVAS Vulnerability Scanner (OpenVAS 20.08)


Libellux: Up and Running changelog (1.0.0) fredrik@libellux.com

Release Maintainers

Fredrik Hilmersson @libelluxopen in new window

Contributors on this release

Damir Kucic @dkucicopen in new window
Scott Shinn @atomicturtleopen in new window
Adam Hilmersson @cnstaopen in new window
Zeny Palac @doczenzenopen in new window
Falk @falkowichopen in new window

Release notes

This is the first release of Libellux: Up and Running. The initial release contain documentation and configuration for the software specified below (see What's New). Libellux: Up and Running is a collection of personal notes and documentation regarding open-source software configuration. The focus is to build a so called Zero Trust Network using a central authentication server to enhance the security for our existing applications. We will manage our network using an open-source software tool for provisioning and configuration management to automate and speed up productivity.

What's New:

OSSEC Host Intrusion Detection (3.6.0)
PSAD Intrusion Detection (2.4.6)
OpenVAS Vulnerability Scanner (OpenVAS 20.08, Atomicorp 20.08)