Don't forget to take snapshots for SecOnion & SecOnionMgmt!
I've been working through this setup today and I was stuck here (confused myself with the network interfaces because I'm setting it up with VirtualBox). Wish you'd dropped this a few hours ago, haha! Keep em coming man. Awesome content.
I actually had this planned for Friday, glad I dropped it earlier!
For anyone who is unable to connect to the Security Onion IP from the sec analyst device like I was, take a look at the management IP that's in the screenshot you took from the screen at 10:03. Use this instead of the IP address that ifconfig gives you.
Unfortunately for me both are the same. And I'm not able to connect to the web interface. I searched the whole internet. Any suggestions?
dude, thanks for taking the time to make these!
Holy f$%^n sheet dude, I have been trying to install this for days, your vid popped up outa nowhere and it worked!!! You sir do rock :)
Thanks Can't wait to try this!
192.168.135.X network not shown on your diagram. The Ubuntu machine also gets the 192.168.135.X address and the Security Onion also gets a DHCP address in the same range. Please update your diagram.
Neat and crystal clear presentation 👌
VMware does not allow you to select a guest OS anymore; it automatically detects it, and it's not CentOS7. The Security Onion installation also does not have a lot of the same steps anymore. It doesn't ask for home networks or Bond NICs. I hope it still is set up fine; I followed as closely as possible. Thanks for the tutorial.
Hey, Linux folks =D
I'm building this lab using KVM/QEMU on an Arch Linux host.
Hello, I have already done the so-allow, but when I tried to go into the Security Onion address on Ubuntu, it just shows me a 401 error authorization required.
Did you ever resolve this?
@silence6605 Update Security Onion using (sudo soup), then wait 5 min and do (sudo so-status). If you have OK for all services, then you're good to go.
You the man............................
Awesome video. Thanks a lot.
Good content
Thanks!
Even though I put the Ubuntu desktop's IP as "analyst", it still can't access the site? Is it an IP issue?
I have used the so-allow command to connect to my Kali, but then also I am getting the error, the proxy server is refusing connection. Any suggestions what can I do?
SecOnion web interface will not load even though I have entered everything correctly and so-status says everything is up and running. Help please.
Did you ever find the problem?
Did anyone figure the issue?
Hello, I've got one question... How do you know which interface like enp0s# is which vmnet#? Thank you...
Anybody know why I am stuck at running post-installation scripts? I know this vid dropped a year ago, but I just recently came across this channel. One issue might be the size of the ISO according to one Google answer. Thanks for the instruction, it's wonderful!
Did you ever figure out the fix?
@Lantyyyy Nah, gave up on that
Excellent help, thank you very much.
Hey Cyberwox,
I’m getting stuck during the post-installation scripts. Every time it finishes “installing”, it would hang and get stuck on the part where it says post installation scripts. Any idea how to fix this? I figured my specs were the issue, but I tried using 16 GB RAM and 300 GB of storage with 4 processors but am still having the same issue.
Is there a guide for setting up endpoints to be monitored? Would like to install monitoring agents on my Windows and Linux machines.
Hello Day, I’ve installed Security Onion on my VMware to do the malware analysis. When I triple click the link to view the analysis it will time out. I can ping the IP address but can’t pull up the site. Any suggestions?
What URL are you using? Is it the URL containing the IP address of the SecOnion machine?
Yes, it has the IP of the VM in it. It’s strange because I can ping the IP from the analyst machine but it times out when trying to pull it up.
Have you tried restarting the SecOnion machine?
I will try that. Thanks!!!
No problems! Check out the discord link in my bio and join so I can help troubleshoot better.🙂
I love the SecOnion interface and the default tools that come with it. I don't have a powerful computer that I can use right now, so I will buy a server or something. Can SecOnion be used in real enterprise companies? This is one of my great vids. One more question: how will this tool detect attacks from Kali? So they just need to be on the same network (LAN), and then that means they will be able to talk to each other w/o doing any configuration? Thanks again!
You don’t have to have a powerful server to use Security Onion! With Security Onion's so-import coal option you can run it with just 4Gb RAM and start doing hunts with PCAP samples from malware analysis dot net. If you’re interested in this I can show how to get started with it 🙂.
In terms of detecting attacks from Kali, I’m gonna have Windows and Linux endpoints using either syslog or elastic winbeats to feed logs to Kibana on Security Onion and see what attacks are being run from Kali. This is in the scope of the project.
@DayCyberwox Please, how can I run it with less RAM?
@collinsnwanze8502 Here you go: ruclips.net/video/mgdbJApNfuQ/видео.html
@DayCyberwox Thank you. I have not slept for 2 days trying to go around it. Bought a hard drive today but still not working.
I have an issue with installing the sec onion; the error message is "operating system not found".
Hi, I tried installing the latest version of Security Onion, and it's stuck at running post-installation scripts. I have not been able to fix this issue. It would be great if you could help me with this. Thank you
Same here ??
Me too. I was so optimistic :(
Has anyone found the fix to this?
I'm stuck here: my VirtualBox won't load the ISO file during installation. Can you help?
In Security Onion, when I type sudo so-allow, it says "Please use the Configuration section in SOC to allow hosts".
Apparently Security Onion 2.4 does not run on CentOS 7. Also, the so-allow command is deprecated and all of the firewall settings are done via the online interface. Unfortunately, Firefox times out every time I try to access the web interface on the Ubuntu VM. If anyone else is trying to get this done in 2024, let me know. Thanks.
@christ5687 I have a similar issue. During install, it shows a loop stating that the sobridge port 13 has entered blocking state and disabled state. If you find a fix, please help.
@christ5687 Thanks for the info. I will try to install it on a RHEL9 box... hopefully it works.
I got an error of "no default ui configuration directive found". Can you please explain!!
Hey body
I have a problem while I set up my virtual machine.
So when I want to choose my ISO file, which is Security Onion, I get this response: you don't have permission to open this file
Contact the file owner or an administrator to obtain permission !!
I need this
I'll be thankful for the response 🙏❤️
Hello defender, I'm having a small problem: when I submit the email *gmail*, it says invalid account.
Do you know why I would be seeing ens32 showing down when I followed your video to a tee?
How long did it take you to install sec onion? My installation is just stuck at "post installation scripts" and it's not moving forward.
It probably ran an hour or more before it finally installed on mine.
When setting up security onion, I’m getting ENS33 showing Link Down. How to fix?