Intrusion Detection System Tutorial: Setup Security Onion
In this video, I'll show you how to set up Security Onion, an open-source intrusion detection system packaged into a Linux distro. SecOnion is perfect for getting an intrusion detection system up and running quickly, and has some cool additional features like HIDS, SIEM, rootkit detection, and file integrity monitoring.
For this to work, you will need a switch capable of SPANning/mirroring network traffic to a specific port. I will release a video/information about this process. For a small home network, I'd recommend the following: https://www.amazon.com/NETGEAR-ProSAFE-Gigabit-Managed-GS108E-300NAS/dp/B00M1C0186/ref=sr_1_sc_1?ie=UTF8&qid=1470783563&sr=8-1-spell&keywords=netgear+prosafe+plsu+8+port
I'm also going to upload a video about utilizing SecOnion and Splunk to ingest and correlate the data/alerts your intrusion detection system will generate. SecOnion comes with ELSA, which you could use (along with Kibana) to display, visualize and create alerts.
Finally, I'll upload a video detailing the install and integration of the Collective Intelligence Framework with your IDS/SIEM. Expect these videos within the next couple of weeks.
Links for this video:
VirtualBox: https://www.virtualbox.org/wiki/Downloads
Security Onion: https://github.com/Security-Onion-Solutions/security-onion/blob/master/Verify_ISO.md
Video "Intrusion Detection System Tutorial: Setup Security Onion" from the channel Sqearl Salazar