Cybersecurity Detection Lab: Minimal Security Onion Setup for PCAP Analysis | IMPORT NODE

  • Published: 19 Aug 2024
  • In this video, I walk through a minimal installation of Security Onion using the Import Node. This Security Onion setup requires minimal resources and lets you import PCAPs (for example the Malware Traffic Analysis exercises) with so-import-pcap and run security investigations against them.
    github.com/Sec...
    ___________________________________________
    RESOURCES:
    • PCAPs: www.malware-tr...
    • SecOnion: github.com/Sec...
    • Ubuntu: ubuntu.com/dow...
    • Building A Cybersecurity Homelab Blog/Documentation: www.cyberwoxac....
    ______________
    JOIN CYBERWOX ACADEMY ON DISCORD!
    / discord
    CHECK OUT CYBERWOX ACADEMY'S WEBSITE
    www.cyberwoxac...
    CHECK OUT CYBERWOX ACADEMY ON RUclips!
    / @cyberwoxacademy
    I hope you like this video! Please like, comment (ask me anything; I’m more than happy to help!), and subscribe:
    / daycyberwox
    _____________
    ABOUT ME
    Hey there ~ I’m Day, I work as a Security Engineer. I make videos about cybersecurity, college, internships, certifications, and whatever else is on my mind. Thanks so much for watching :)
    _____________
    COLLABORATIONS & CONTACT
    IG & Twitter: @daycyberwox
    Email: day@cyberwoxacademy.com
    ________________________________________________
    My Amazon Shop: www.amazon.com...
    ________________________________________________
    MY DESK COMPONENTS
    VIVO Electric Height Adjustable 63 x 32 inch - amzn.to/3G9MuCK
    Work Desk - amzn.to/3G7fQS9
    Autonomous ErgoChair Pro - www.autonomous...
    VIOTEK SUW49C 49-Inch Super Ultrawide - tinyurl.com/vt...
    VIOTEK NB32CB 32-Inch LED - tinyurl.com/vt...
    HyperX QuadCast Microphone - amzn.to/3f03dws
    Pop Filter - amzn.to/3t8pv7F
    InnoGear Microphone Arm Stand - amzn.to/3t8gvPC
    Rii RK901 Wireless Keyboard - amzn.to/3F8dgdB
    Multi-Device Bluetooth RGB Keyboard - amzn.to/3JRLNjS
    Desk Mat - amzn.to/3q3RinM
    Razer Basilisk X Hyperspeed Wireless Gaming Mouse - amzn.to/3F7IbXa
    Ergonomic Mouse Pad - amzn.to/3f0syq2
    Phone Stand for Desk - amzn.to/3F7IsJG
    iPad - 10.9-inch iPad Air Wi-Fi 256GB - Rose Gold
    MacBook - 13-inch MacBook Pro - Space Gray, USB-C to USB Adapter
    Laptop Dock - amzn.to/3f4TmFQ
    Docking Station/USB hub - amzn.to/3zAA9Fg
    Straight Monitor Mount - amzn.to/3zzBo7K
    Adjustable Monitor Mount - amzn.to/3F8j46T
    Sony Alpha a6400 - amzn.to/3F0xshq
    Sigma 16mm Lens - amzn.to/337JCYx
    Cold Shoe Adapter A6400 - amzn.to/3JRC6BZ
    Dummy Battery Pack - amzn.to/3JPXVSu
    Light mount - amzn.to/3f4NFaE
    Light - amzn.to/3q2c4UF
    Elgato Master Mount - amzn.to/3G94TQg
    Elgato Flex Arm L - amzn.to/3t9POu2
    Elgato 4k Cam Link - amzn.to/3f0EyI7
    Amazon Echo Dot - amzn.to/32TruSD
    Foot Rest - amzn.to/3F0KCeg
    Paper Shredder - amzn.to/3q8hgXm
    Kove Commuter 2 Speakers - www.koveaudio....
    Govee LED Strips - amzn.to/3zL6auw
    ________________________________
    DISCLAIMER:
    This video description has some affiliate links and I may receive a small commission for purchases made through these links. Thank you for your support!
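An added example, not code from the video or from the Security Onion project: a small shell script that feeds a directory of captures to so-import-pcap on the Import Node, checking each file's magic number first so that a renamed zip or a notes file from an exercise download is never handed to the importer. It assumes so-import-pcap is on PATH on the Import Node and is run with sudo (as the Security Onion docs describe); the directory argument and the status-line format are hypothetical. One caveat worth knowing for the "no logs" and "no analysis link" questions: so-import-pcap keeps the capture's original timestamps, so in Hunt or Kibana the time range must cover the date the PCAP was recorded, not the last 24 hours, or the import looks empty.

```shell
#!/usr/bin/env bash
# Added example (not from the video or Security Onion): batch-import captures
# into a Security Onion Import Node via so-import-pcap, after verifying each
# file's magic number. Assumes so-import-pcap is on PATH and runnable via sudo.
set -u

# Classify a file by its first 4 bytes:
#   pcap   - libpcap, either byte order, microsecond or nanosecond variant
#   pcapng - pcapng Section Header Block
#   unknown - anything else (zip, text, truncated file)
pcap_kind() {
  local magic
  magic=$(head -c 4 "$1" | od -An -tx1 | tr -d ' \n')
  case "$magic" in
    d4c3b2a1|a1b2c3d4|4d3cb2a1|a1b23c4d) echo pcap ;;
    0a0d0d0a) echo pcapng ;;
    *) echo unknown ;;
  esac
}

# Hand every pcap/pcapng in a directory to so-import-pcap; skip the rest.
# Prints one status line per file and a final "DONE queued=N skipped=M failed=K".
# If so-import-pcap is not installed (e.g. not on the Import Node) the file is
# reported as a dry run but still counted as queued, so the summary is the same.
import_dir() {
  local dir="$1" queued=0 skipped=0 failed=0 f kind
  for f in "$dir"/*; do
    [ -f "$f" ] || continue
    kind=$(pcap_kind "$f")
    if [ "$kind" = unknown ]; then
      printf 'SKIP     %s (not a pcap/pcapng)\n' "$f"
      skipped=$((skipped + 1))
      continue
    fi
    if command -v so-import-pcap >/dev/null 2>&1; then
      printf 'IMPORT   %s (%s)\n' "$f" "$kind"
      # so-import-pcap prints a Hunt/Kibana link scoped to the capture's own
      # timestamps; that time range, not "last 24h", is where the events are.
      if ! sudo so-import-pcap "$f"; then
        printf 'FAILED   %s\n' "$f"
        failed=$((failed + 1))
        continue
      fi
    else
      printf 'DRY-RUN  %s (%s): so-import-pcap not found, run this on the Import Node\n' "$f" "$kind"
    fi
    queued=$((queued + 1))
  done
  printf 'DONE queued=%d skipped=%d failed=%d\n' "$queued" "$skipped" "$failed"
}

# Usage: ./import-pcaps.sh /path/to/pcaps
# With no argument the script only defines the functions above.
if [ -n "${1:-}" ]; then
  import_dir "$1"
fi
```

Run it on the Import Node as the user you normally run so-import-pcap with; the per-file status lines make it easy to see which exercise files were rejected before anything touched the sensor.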

Comments • 26

  • @Idkwhattomakemyusername6501 (10 months ago)

    Thank you. This has been the only tutorial I could find, from articles and videos, that has actually worked for me. The only issue I had was unzipping the file in the CentOS SSH terminal, so I unzipped it on Ubuntu and sent the extracted file to CentOS with the scp command in a separate terminal. Again, thank you.

  • @lukematteoni (a year ago, +2)

    Wow! Took me 2 days and lots of learning! Great video, and I am excited to learn more! I got stuck at some points and even used Win 11 and an updated version of the software. Everything correlated! Amazing videos! I am also a student learning cybersecurity, and this really helped me.

  • @atk9591 (3 years ago, +1)

    you are my mentor whether you like it or yes LUL ..

  • @Asante-9ii (3 years ago, +1)

    Thank you Day always good content

  • @redhat3831 (2 years ago)

    Hey Day, thanks for the great tutorial, but can you tell me what the default credentials for Kibana are? Thanks

  • @cedriclissanon2387 (2 years ago)

    Thanks for the tutorial. On my side I can get the analysis link after so-import-pcap. Any help?

  • @slycipher4237 (a year ago)

    Hello Day,
    I have built the setup as shown, but I'm not seeing any logs from my Ubuntu machine. Do I have to do anything for the logs to be sent to Security Onion from the Ubuntu machine?
    Appreciate your efforts.

  • @maramalbalwy1100 (2 years ago, +1)

    Permission denied when I enter the password of the VM… what can I do?

  • @miguelalejandro2422 (3 years ago, +1)

    Do you know how to import a CSV log file into Security Onion? Like, is there a command or script like so-import? Also, is there a way to automate so-import-pcap? Like a script that will automatically import PCAP files?

    • @DayCyberwox (3 years ago, +1)

      I see no possible use case for CSV files in Security Onion, except if you wanna import them into Kibana, which will be done directly from there.

    • @miguelalejandro2422 (3 years ago, +1)

      @DayCyberwox So I can import CSV files into Kibana in Security Onion? I have the old version of Security Onion, and there is no option to import a CSV file into Kibana.

    • @DayCyberwox (3 years ago, +1)

      Might be a functionality not available in the old version

  • @KingKongHitDaBong (3 years ago, +1)

    Great vid mate, very easy to follow along. Also, correct me if I'm wrong, but are you currently working in cyber whilst still in school, or do you have another degree beforehand?

    • @DayCyberwox (3 years ago, +2)

      Thanks!
      Correct, I don’t have any degrees, and yes, I currently work in Cyber.

    • @KingKongHitDaBong (3 years ago, +1)

      @DayCyberwox Ahh, I see. Congrats mate, you've got a bright career ahead of you. I'm currently working on my certs; do you think certs played a major role in your hiring, and did they know you're currently completing your degree?

    • @DayCyberwox (3 years ago)

      @KingKongHitDaBong Thanks!
      I’d say certs might have played a part in that, and also my previous experience. My manager also knows I’m working on my degree, but he’s just a badass and knows that degrees are not a hard requirement to be in cybersecurity.

  • @janvelasco9824 (3 years ago, +1)

    Is it correct that you didn't add VMnet4/VMnet5 (in Customize Hardware) in this lightweight SecOnion VM setup, like you did in the first version/video of the SecOnion setup? And is there a way to integrate SecOnion with pfSense just to minimize the active VMs and hence save PC resources? Thanks

    • @DayCyberwox (3 years ago, +2)

      Correct. This is a standalone setup and is all on the NAT network. Integrating SecOnion with pfSense was covered in the previous SecOnion video.

    • @janvelasco9824 (3 years ago, +1)

      @DayCyberwox Great, thanks!

  • @baskaranranujan7234 (a year ago)

    Hi. Even though I'm practicing to become an entry-level SOC analyst, hiring managers only consider experienced people. How can I overcome this? And if I send my CV via email, can you check whether my CV is in order or not?

    • @chrisferreira1332 (a year ago, +1)

      Bro, I'm in the same situation. I think we can't be SOC analysts if we don't have any cybersecurity degree or SOC analyst company experience (I have a master's degree in systems and networks with 3 years of internships), and all are saying they need an experienced person for the job...

    • @baskaranranujan7234 (a year ago)

      @chrisferreira1332 Yeah brother, it's difficult to get into SOC.