This is intended to be an educational aid for learning about red team tools, Linux logging and log file analysis in SIEMs.
Details are provided about log shipping setup, default logins for access, configurable services and vulnerabilities.
Warning: do not allow this image to be directly accessible from the internet; keep it behind a firewall.
- shellshock
- auditd
- Apache
- MySQL
- SAMBA
- BIND
- syslog
- /var/log/secure
- /var/log/auth.log
- /var/log/faillog