
Intrusion Detection System Tutorial: Setup Security Onion

In this video, I'll show you how to set up Security Onion, an open-source intrusion detection system packaged as a Linux distro. SecOnion is perfect for getting an intrusion detection system up and running quickly, and has some cool additional features like HIDS, SIEM, rootkit detection, and file integrity monitoring.

For this to work, you will need a switch capable of SPANing/mirroring network traffic to a specific port. I will release a video/information about this process. For a small home network, I'd recommend the following: https://www.amazon.com/NETGEAR-ProSAFE-Gigabit-Managed-GS108E-300NAS/dp/B00M1C0186/ref=sr_1_sc_1?ie=UTF8&qid=1470783563&sr=8-1-spell&keywords=netgear+prosafe+plsu+8+port

I'm also going to upload a video about using SecOnion and Splunk to ingest and correlate the data/alerts your intrusion detection system will generate. SecOnion comes with ELSA, which you could use (along with Kibana) to display and visualize data and create alerts.

Finally, I'll upload a video detailing the install and integration of the Collective Intelligence Framework with your IDS/SIEM. Expect these videos within the next couple of weeks.

Links for this video:

VirtualBox: https://www.virtualbox.org/wiki/Downloads

Security Onion: https://github.com/Security-Onion-Solutions/security-onion/blob/master/Verify_ISO.md

Video "Intrusion Detection System Tutorial: Setup Security Onion" from the channel Sqearl Salazar
Video information
August 10, 2016, 3:42:21
00:09:53