Security Onion Set Up Part 1: Planning for Version 16.04

The guidance in the article “Security Onion Set Up Part 1: Planning” no longer applies if you’re using the new Security Onion image because it uses Elastic Stack instead of ELSA. Elastic Stack might be a resource hog, but the workflow is superior compared to ELSA in the way you can visualize data in the […]

Security Onion Set Up Part 3: Configuration of Version 14.04

Before we begin configuring Security Onion, it’s a good idea to get an Oinkcode from snort.org if you’re going to use Snort. Snort can also use the Emerging Threat rulesets. There are three options available to obtain an Oinkcode. Community Edition – the rules are updated every 30 days, no support – FREE Personal – the […]

Security Onion Set Up Part 2: Installation

This article is straightforward in that if you’ve installed an operating system before, this won’t be an issue. The recommended installation medium is Rufus. Rufus creates a bootable thumb drive where you can place [.]img or [.]iso images. Thumb drives have a far higher data transfer rate than DVDs, making the installation quick.