Installing Security Onion

Cyber Warrior Studios

Security Onion is a free blue team system and network monitoring set of software built on CentOS 7 x64. Today on Tech Tuesday I take you through installing it on VMware Workstation.
Security Onion- securityonionsolutions.com
Security Onion Download - github.com/Sec...
How to Support:
🍺Buy Me A Beer: www.buymeacoff...
⏩GoFundMe: www.gofundme.c...
⏩Patreon: / cyberwarriorstudios
Merchandise:
⏩www.cyberwarri...
Please subscribe, like, and comment! I want your input and ideas! Let me know what you'd like to see discussed next!
How to connect:
⏩Twitter: @CyberWarriorSt1
⏩ Instagram: @CyberWarriorStudios
⏩ Facebook: @CyberWarriorStudios
⏩Discord: CyberWarrior#7090
⏩Reddit: / cyberwarriorstudios
Eric Belardo Cyber: / ericbelardocyber
**Tech Tuesday**
#techtuesday
#securityonion
#blueteam
#nids
#newbattlefields
#vmware
#vmwareworkstation
#cyberwarriorstudios
#cyberwarrior
#purpleteam
#networkmonitoring

Comments: 96
@CyberWarriorStudios 2 years ago
Don't forget if you like this video make sure to Like, Comment, and Subscribe if you haven't done so yet. Also check the description for all the ways you can follow and support the channel!
@BrianWarnercontinuousqa 1 year ago
Man this is awesome. I always had a hurdle with specific setup of security onion and your process here helped me see my error in the network adapter setup. So thankful I found this.
@CyberWarriorStudios 1 year ago
Thank you for watching and glad I could help.
@EricBelardoCyber 3 years ago
Loved the install video !!!! Security Onion is the best!!!
@CyberWarriorStudios 3 years ago
Thanks!
@kofibonsu8466 2 years ago
no. I am the best
@JL-ud6xx 1 year ago
Thank you for showing the steps and your explanation, it helps a lot for a new joiner like me!
@CyberWarriorStudios 1 year ago
Glad it was helpful!
@JordanJiujitsu 1 year ago
This was an incredible tutorial! Thank you!
@CyberWarriorStudios 1 year ago
No problem, glad it could help.
@SundasLatif 3 years ago
Great, many thanks! Make more videos on Security Onion.
@CyberWarriorStudios 3 years ago
I have 3 out now, will be working on more in the future don't worry.
@patrickdoane7 2 years ago
My Cyber Security HERO!! :D
@CyberWarriorStudios 2 years ago
Aw, thank you!
@Dips_M 2 years ago
Excellent video, thank you!
@CyberWarriorStudios 2 years ago
Glad it was helpful!
@devilrayy 3 years ago
I am going to have to install my home lab!
@Zevilon05 3 months ago
Okay folks, I am experiencing an issue and cannot find an answer anywhere. After a fresh installation of Onion production on Proxmox I cannot download the Windows Elastic Agent and just get a Windows download error saying network unavailable. I’ve searched everywhere for an answer. Any ideas?
@CyberWarriorStudios 1 year ago
For all the ways you can connect with me on social media and support the channel head to cyberwarriorstudios.bio.link
@wynnewu2877 3 years ago
I followed and it says "The IP being routed by linux is not the ip address assigned to the management interface (enp0s3). This is not a supported configuration, please remediate and rerun". Do you know how to fix it?
@CyberWarriorStudios 3 years ago
I would need to look at your setup, I haven't run into that issue before.
@hiepcanh7792 2 years ago
I have downloaded 2.3.110, but at the installation stage, enter something boot. So when I download the ISO file, is there any need to verify it? And how do I verify it?
@shehzadarshad2000 2 years ago
nice video bro
@CyberWarriorStudios 2 years ago
Thanks man
@mallard3914 2 years ago
Love the video, I am installing inside VirtualBox. I have both network adapters set up: #1 set to NAT and #2 set as internal network. I'm really confused when it asks what network to install on the management NIC. My host IP is 10.0.0.0/24
@mallard3914 2 years ago
Putting both NICs in the same network worked. Thanks
@updateserver 2 years ago
For some odd reason during my installation process it gets stuck at "running post installation scripts" (takes 30 mins+ at that part) so I just restart the whole VM instead. Then it takes me to the login, once I input the credentials it says incorrect. I double check my login so I know it's not. I read documentation to find this issue but it does not come up at all. Do you have any idea? I also have it running on CentOS 7.
@updateserver 2 years ago
nvm I fixed it
@CyberWarriorStudios 2 years ago
Glad you were able to get it fixed, what was the issue?
@updateserver 2 years ago
@CyberWarriorStudios the installation took 2 hours which was weird to me so that's why I would stop it & restart the VM. So, instead of restarting it again I would just click inside the VM and press enter, and make sure the cursor continued to blink then after that it went to the reboot prompt allowing me to put in my credentials.
@Ruthless_king 1 year ago
@updateserver I’m having the same issue. So I should just wait?
@beardofsteve 1 year ago
@Ruthless_king Did waiting work for you? I'm here for the same reason.
@RasetRus 2 years ago
For some reason I can't access the web interface, it says "took too long to respond". How can I fix it?
@CyberWarriorStudios 2 years ago
How soon after starting it up are you trying to get to the web? It can take some time for the webserver and all applications to start.
@nourmarzouk350 1 year ago
Don't deny it, Mr Warrior, you are a WoW player xD
@CyberWarriorStudios 1 year ago
Honestly I think I played it once but wasn’t a fan I preferred Star Wars
@johnbatasin1734 2 years ago
Could you make a video on how to set up seconion in distributed mode?
@CyberWarriorStudios 2 years ago
Let me do a cost analysis and see if I have the hardware for it. It would be interesting to see in a full blown lab which currently I do not have.
@Ucsd4life 1 year ago
Is Security Onion now on Ubuntu?
@CyberWarriorStudios 1 year ago
I believe so
@vimukthiperera581 1 year ago
Sir, I installed Security Onion but I didn't receive TheHive in its tools section
@CyberWarriorStudios 1 year ago
Interesting, what version did you install?
@neon_Nomad 1 year ago
Nice
@CyberWarriorStudios 1 year ago
Thanks
@rahulmishra0802 2 years ago
Nice video, sir. But how do I get the logs of another VM like Ubuntu into Security Onion? Please help
@CyberWarriorStudios 2 years ago
That would require setting up syslog or another forwarding service like rsyslog on your Ubuntu box. I believe I have a video about that within this playlist.
@rahulmishra0802 2 years ago
OK sir, thanks, I will go through that video right away. Thanks for the reply, sir
@thegreatkris24 2 years ago
How do you get to that login screen? That's all I wanted to see lol
@CyberWarriorStudios 2 years ago
What login screen?
@Gustavoutnfra 3 years ago
*Hi, excellent video. My only way to install it is through CentOS 7, and the /nsm partition wasn't created. Should I create it before installing Security Onion? Is that partition really important? Thanks a lot.*
@CyberWarriorStudios 3 years ago
Gus, if you are installing on top of CentOS 7 as opposed to the securityonion.iso file itself then yes you would need to create that partition. However, if you are using the iso it will partition your drives for you.
@CyberWarriorStudios 3 years ago
docs.securityonion.net/en/2.3/partitioning.html
@Gustavoutnfra 3 years ago
@CyberWarriorStudios Thank you. I installed Security Onion from CentOS some days ago and I was checking that, and indeed the partition is not there, but there was an NSM folder in the /home partition. Is that a problem? Or would you recommend creating the /nsm partition anyway?
@CyberWarriorStudios 3 years ago
Let me do some digging and find out. As I used their iso I have not run into this issue and only know what the documentation shows me.
@bavialireza9959 1 year ago
How long does it take to update packages? After 20 min it is still at 2%.
@CyberWarriorStudios 1 year ago
I’ve seen that issue before, let me do some digging and see if I ever found the cause.
@SachinSharma-en8pt 2 years ago
Nice video. My check is failing at 11:50 and giving me the error: so-preflight script failed checking one or more URL required by setup. Do you know how I can fix this? Thanks
@CyberWarriorStudios 2 years ago
I will have to take a look at the error as I haven't seen it before.
@SachinSharma-en8pt 2 years ago
@CyberWarriorStudios Sure, and one more question: how do I choose my static IP settings? I am using VMware Workstation on my Windows 11. How can I check which IP and gateway to use?
@CyberWarriorStudios 2 years ago
@SachinSharma-en8pt For which, the management interface or the monitoring interface?
@Mike01010011 2 years ago
Quick question, if I'm using pfSense as the gateway, should I select "Proxy" or "Direct" when connecting to the Internet?
@CyberWarriorStudios 2 years ago
If you are using pfsense as the gateway then I would assume Proxy, however since I haven't connected it like that before I cannot give you a definitive answer. If you play around and find the right answer please let me know so others can see it in the comments.
@Mike01010011 2 years ago
@CyberWarriorStudios I got an invalid address:port error when I tried the-ip-address:80 using "Proxy". However, when I selected "Direct" it worked after a pfSense restart
@CyberWarriorStudios 2 years ago
Thank you for the update, hope everything continues to work for you and if you have any other questions please don't hesitate to reach out.
@RaymondJonesrejlive 1 year ago
After the configuration I am having login issues after powering off the VM. After restart it shows 'securityonion login:' I type in the username hit enter then it asks for password and after I type in the password it displays 'login incorrect'. Weird thing is I can still log into the web interface. I know the username and password is correct I have reinstalled SO several times and double check the username and password. Anyone know what is wrong?
@CyberWarriorStudios 1 year ago
@Raymond Jones, before I go too deep into looking at the issues out of curiosity have you attempted to use root as the login username? I don't necessarily think that's right but without reviewing all the steps right now that is the first thing that comes to mind based on the little information I have. Failing that, let me look into all the different steps to install again and I'll get back to you on what could potentially cause this problem.
@RaymondJonesrejlive 1 year ago
@CyberWarriorStudios Thanks for checking on this, your video was great. I found that it says that 'user is not in the sudoers file. This incident will be reported.' I am using CentOS 7 64 and the fixes I found for Ubuntu don't work so far, but I have not tried everything.
@CyberWarriorStudios 1 year ago
@RaymondJonesrejlive you may want to try looking at RHEL or CentOS fixes since CentOS is the free version of RHEL
@RaymondJonesrejlive 1 year ago
@CyberWarriorStudios Thanks for the information and help.
@CyberWarriorStudios 1 year ago
@RaymondJonesrejlive No problem, I'm still looking into this while working on some other projects. So if you find the fix in the meantime please let me know.
@kofibonsu8466 2 years ago
Is the ISO broken or something? I've tried to install this on VMware Workstation, VirtualBox and VMware Player and I get errors importing the ISO.
@CyberWarriorStudios 2 years ago
You shouldn't be importing the ISO you should be using the ISO to install the OS. I don't know of any issues with the ISO itself.
@kofibonsu8466 2 years ago
@CyberWarriorStudios poor choice of words, yes I meant using the ISO to install it. There’s gotta be a problem because I’ve tried this on different computers and everything and same error
@CyberWarriorStudios 2 years ago
Have you attempted to re-download the ISO?
@kofibonsu8466 2 years ago
@CyberWarriorStudios oh yeah I did, it worked. I guess the one I had earlier was broken or something.
@CyberWarriorStudios 2 years ago
It happens, every so often a download looks like it completed properly but something gets corrupted in the process. If enough is downloaded to still look like a complete ISO though it seems legit.
@codykillian9403 1 year ago
No matter whether I try and create a seconion machine with static IPs or DHCP I can never access the actual web GUI. I'm not sure why, I even followed this video step by step. What do you recommend?
@CyberWarriorStudios 1 year ago
Hmm interesting let me go back through and see what happens
@matthewsweeney3680 1 year ago
Your microphone is a bit wonky
@CyberWarriorStudios 1 year ago
I’ve changed things a bit so I’ll end up re-recording this series with the updated SO and hopefully the audio will be better
@orangehatmusic225 2 years ago
Someone forgot to use promiscuous mode...
@CyberWarriorStudios 2 years ago
No I had 2 NICs one is in promiscuous mode the other is in management mode.
@orangehatmusic225 2 years ago
@CyberWarriorStudios You forgot to mention that in your video.
@floydian4evr 1 year ago
@CyberWarriorStudios For which NIC? NAT or Bridged?
@itmaster9256 2 years ago
please use mic next time :)
@CyberWarriorStudios 2 years ago
I did use my mic, were you not able to hear?
@shanecherniss 2 years ago
@CyberWarriorStudios Your sound is good throughout.
@CyberWarriorStudios 2 years ago
@shanecherniss I thought so, I was confused.
@JacobVelasco-iw8jw 1 year ago
dude
@CyberWarriorStudios 1 year ago
Yes