Installing Security Onion

  • Published: Aug 16, 2021
  • Security Onion is a free blue team system and network monitoring set of software built on CentOS 7 x64. Today on Tech Tuesday I take you through installing it on VMWare Workstation.
    Security Onion- securityonionsolutions.com
    Security Onion Download - github.com/Security-Onion-Sol...

Comments • 98

  • @CyberWarriorStudios 2 years ago +6

    Don't forget if you like this video make sure to Like, Comment, and Subscribe if you haven't done so yet. Also check the description for all the ways you can follow and support the channel!

  • @BrianWarnercontinuousqa 1 year ago +2

    Man this is awesome. I always had a hurdle with specific setup of security onion and your process here helped me see my error in the network adapter setup. So thankful I found this.

  • @JordanJiujitsu 1 year ago +2

    This was an incredible tutorial! Thank you!

  • @EricBelardoCyber 2 years ago +4

    Loved the install video !!!! Security Onion is the best!!!

  • @JL-ud6xx 1 year ago +2

    Thank you for showing the steps and your explanation it helps a lot for new joiner like me !!!!!!

  • @SundasLatif 2 years ago +1

    Great, many thanks!
    Make more videos on security onion.

    • @CyberWarriorStudios 2 years ago +1

      I have 3 out now, will be working on more in the future don't worry.

  • @Dips_M 2 years ago +1

    Excellent video, thank you!

  • @devilrayy 2 years ago +1

    I am going to have to install my home lab!

  • @patrickdoane7 2 years ago +1

    My Cyber Security HERO!! :D

  • @shehzadarshad2000 2 years ago +1

    nice video bro

  • @hiepcanh7792 2 years ago +1

    I have downloaded 2.3.110, but at the installation stage, enter something boot. So when I download the ISO file is there any need to verify? And how to verify?

  • @mallard3914 2 years ago +4

    Love the video, I am installing inside VirtualBox. I have both network adapters set up: #1 set to NAT and #2 set as internal network. I'm really confused when it asks what network to install on the management NIC. My host IP is 10.0.0.0/24

    • @mallard3914 2 years ago +2

      Putting both NICs in same network worked. Thanks

  • @Zevilon05 14 days ago

    Okay folks, I am experiencing an issue and cannot find an answer anywhere. After a fresh installation of Onion production on Proxmox I cannot download the Windows Elastic Agent and just get a Windows download error saying network unavailable. I've searched everywhere for an answer, any ideas?

  • @wynnewu2877 2 years ago +2

    I followed and it says "The IP being routed by linux is not the ip address assigned to the mangement interface (enp0s3). This is not a suppoerted configuration, please remediate and rerun"
    Do you know how to fix it?

    • @CyberWarriorStudios 2 years ago +1

      I would need to look at your setup, I haven't run into that issue before.

  • @Mike01010011 2 years ago +1

    Quick question, if I'm using pfSense as the gateway, should I select "Proxy" or "Direct" when connecting to the Internet?

    • @CyberWarriorStudios 2 years ago +1

      If you are using pfSense as the gateway then I would assume Proxy, however since I haven't connected it like that before I cannot give you a definitive answer. If you play around and find the right answer please let me know so others can see it in the comments.

    • @Mike01010011 2 years ago +2

      @CyberWarriorStudios I got an invalid address:port error when I tried the-ip-address:80 using "Proxy". However, when I selected "Direct" it worked after a pfSense restart

    • @CyberWarriorStudios 2 years ago +1

      Thank you for the update, hope everything continues to work for you and if you have any other questions please don't hesitate to reach out.

  • @neon_Nomad 1 year ago +1

    Nice

  • @Gustavoutnfra 2 years ago +2

    Hi, excellent video. My only way to install it is through CentOS 7, and the /nsm partition wasn't created. Should I create it before installing Security Onion? Is that partition really important? Thanks a lot.

    • @CyberWarriorStudios 2 years ago +1

      Gus, if you are installing on top of CentOS 7 as opposed to the securityonion.iso file itself then yes, you would need to create that partition. However, if you are using the ISO it will partition your drives for you.

    • @CyberWarriorStudios 2 years ago +1

      docs.securityonion.net/en/2.3/partitioning.html

    • @Gustavoutnfra 2 years ago +1

      @CyberWarriorStudios Thank you. I installed Security Onion from CentOS some days ago and I was checking that, and indeed the partition is not there, but there was an NSM folder in the /home partition. Is that a problem? Or would you recommend creating the /nsm partition anyway?

    • @CyberWarriorStudios 2 years ago +1

      Let me do some digging and find out. As I used their ISO I have not run into this issue and only know what the documentation shows me.

  • @johnbatasin1734 2 years ago +1

    Could you make a video on how to set up seconion in distributed mode?

    • @CyberWarriorStudios 2 years ago +1

      Let me do a cost analysis and see if I have the hardware for it. It would be interesting to see in a full-blown lab, which currently I do not have.

  • @RasetRus 2 years ago +1

    For some reason I can't access the web interface, it says "took too long to respond", how can I fix it?

    • @CyberWarriorStudios 2 years ago +1

      How soon after starting it up are you trying to get to the web? It can take some time for the webserver and all applications to start.

  • @updateserver 1 year ago +3

    For some odd reason during my installation process it gets stuck at "running post installation scripts" (takes 30 mins+ at that part) so I just restart the whole VM instead. Then it takes me to the login, once I input the credentials it says incorrect. I double check my login so I know it's not. I read the documentation to find this issue but it does not come up at all. Do you have any idea? I also have it running on CentOS 7.

    • @updateserver 1 year ago +1

      nvm I fixed it

    • @CyberWarriorStudios 1 year ago +1

      Glad you were able to get it fixed, what was the issue?

    • @updateserver 1 year ago +1

      @CyberWarriorStudios The installation took 2 hours, which was weird to me, so that's why I would stop it and restart the VM. So, instead of restarting it again I would just click inside the VM and press Enter, and make sure the cursor continued to blink, then after that it went to the reboot prompt allowing me to put in my credentials.

    • @Ruthless_king 1 year ago +1

      @updateserver I'm having the same issue. So I should just wait?

    • @beardofsteve 1 year ago +1

      @Ruthless_king Did waiting work for you? I'm here for the same reason.

  • @vimukthiperera581 1 year ago +1

    Sir, I installed Security Onion but I didn't receive TheHive in its tool section

  • @nourmarzouk350 10 months ago +1

    Don't deny it Mr Warrior, you are a WoW player xD

    • @CyberWarriorStudios 10 months ago +1

      Honestly I think I played it once but wasn't a fan, I preferred Star Wars

  • @SachinSharma-en8pt 2 years ago +1

    Nice video. My check is failing at 11:50 and giving me the error: so-preflight script failed checking one or more URL required by setup. Do you know how I can fix this? Thanks

    • @CyberWarriorStudios 2 years ago +1

      I will have to take a look at the error as I haven't seen it before.

    • @SachinSharma-en8pt 2 years ago +1

      @CyberWarriorStudios Sure, and one more question: how do I choose my static IP settings? I am using VMware Workstation on my Windows 11. How can I check which IP and gateway to use?

    • @CyberWarriorStudios 2 years ago

      @SachinSharma-en8pt For which, the management interface or the monitoring interface?

  • @bavialireza9959 1 year ago +1

    How long does it take for updating packages? After 20 min still 2%.

    • @CyberWarriorStudios 1 year ago +1

      I’ve seen that issue before, let me do some digging and see if I ever found the cause.

  • @kofibonsu8466 2 years ago +1

    Is the ISO broken or something? I've tried to install this on VMware Workstation, VirtualBox and VMware Player and I get errors importing the ISO.

    • @CyberWarriorStudios 2 years ago +1

      You shouldn't be importing the ISO, you should be using the ISO to install the OS. I don't know of any issues with the ISO itself.

    • @kofibonsu8466 2 years ago +1

      @CyberWarriorStudios Poor choice of words, yes I meant using the ISO to install it. There's gotta be a problem because I've tried this on different computers and everything and same error

    • @CyberWarriorStudios 2 years ago

      Have you attempted to re-download the ISO?

    • @kofibonsu8466 2 years ago +1

      @CyberWarriorStudios Oh yeah I did, it worked. I guess the one I had earlier was broken or something.

    • @CyberWarriorStudios 2 years ago +2

      It happens, every so often a download looks like it completed properly but something gets corrupted in the process. If enough is downloaded to still look like a complete ISO though it seems legit.

  • @thegreatkris24 2 years ago +1

    How do you get to that login screen? That's all I wanted to see lol

  • @codykillian9403 1 year ago

    No matter whether I try and create a seconion machine with static IPs or DHCP I can never access the actual web GUI. I'm not sure why I even followed this video step by step, what do u recommend.

  • @ArturoGonzalez-uz1by 10 months ago +1

    Is Security Onion now on Ubuntu?

  • @rahulmishra0802 1 year ago +1

    Nice video sir
    But how to get the logs of other VMs like Ubuntu in Security Onion.
    Please help

    • @CyberWarriorStudios 1 year ago +2

      That would require setting up syslog or another forwarding service like rsyslog on your Ubuntu box. I believe I have a video about that within this playlist.

    • @rahulmishra0802 1 year ago +1

      Ok Sir, thanks, instantly I go through that video.
      Thanks for the reply sir

  • @RaymondJonesrejlive 1 year ago +1

    After the configuration I am having login issues after powering off the VM.
    After restart it shows 'securityonion login:' I type in the username hit enter then it asks for password and after I type in the password it displays 'login incorrect'. Weird thing is I can still log into the web interface. I know the username and password is correct I have reinstalled SO several times and double check the username and password. Anyone know what is wrong?

    • @CyberWarriorStudios 1 year ago +2

      @Raymond Jones, before I go too deep into looking at the issues out of curiosity have you attempted to use root as the login username? I don't necessarily think that's right but without reviewing all the steps right now that is the first thing that comes to mind based on the little information I have. Failing that, let me look into all the different steps to install again and I'll get back to you on what could potentially cause this problem.

    • @RaymondJonesrejlive 1 year ago +1

      @CyberWarriorStudios Thanks for checking on this, your video was great.
      I found that it says that 'user is not in the sudoers file. This incident will be reported.' I am using CentOS 7 64 and the fixes I found for Ubuntu don't work so far but I have not tried everything.

    • @CyberWarriorStudios 1 year ago +1

      @RaymondJonesrejlive You may want to try looking at RHEL or CentOS fixes since CentOS is the free version of RHEL

    • @RaymondJonesrejlive 1 year ago +1

      @CyberWarriorStudios Thanks for the information and help.

    • @CyberWarriorStudios 1 year ago +2

      @RaymondJonesrejlive No problem, I'm still looking into this while working on some other projects. So if you find the fix in the meantime please let me know.

  • @CyberWarriorStudios 1 year ago +1

    For all the ways you can connect with me on social media and support the channel head to cyberwarriorstudios.bio.link

  • @matthewsweeney3680 1 year ago +1

    Your microphone is a bit wonky

    • @CyberWarriorStudios 1 year ago +1

      I've changed things a bit so I'll end up re-recording this series with the updated SO and hopefully the audio will be better

  • @itmaster9256 2 years ago +1

    Please use mic next time :)

    • @CyberWarriorStudios 2 years ago +1

      I did use my mic, were you not able to hear?

    • @shanecherniss 2 years ago +1

      @CyberWarriorStudios Your sound is good throughout.

    • @CyberWarriorStudios 2 years ago

      @shanecherniss I thought so, I was confused.

    • @lmfao69420 1 year ago

      please comment on his RUclips videos next time :)

  • @lmfao69420 1 year ago +1

    🧅🧅🖥🖥🖥🖥😎😎😎😎

  • @orangehatmusic225 2 years ago +4

    Someone forgot to use promiscuous mode...

    • @CyberWarriorStudios 2 years ago +1

      No, I had 2 NICs: one is in promiscuous mode, the other is in management mode.

    • @orangehatmusic225 2 years ago +6

      @CyberWarriorStudios You forgot to mention that in your video.

    • @floydian4evr 1 year ago

      @CyberWarriorStudios For which NIC? NAT or Bridged?

  • @JacobVelasco-iw8jw 1 year ago

    dude