The guidance in the article “Security Onion Set Up Part 1: Planning” no longer applies if you’re using the new Security Onion image because it uses Elastic Stack instead of ELSA. Elastic Stack might be a resource hog, but the workflow is superior compared to ELSA in the way you can visualize data in the... Continue reading Security Onion Set Up Part 1: Planning for Version 16.04
Before we begin configuring Security Onion, it’s a good idea to get an Oinkcode from snort.org if you’re going to use Snort. Snort can also use the Emerging Threat rulesets. There are three options available to obtain an Oinkcode. Community Edition – the rules are updated every 30 days, no support – FREE Personal – the... Continue reading Security Onion Set Up Part 3: Configuration of Version 14.04
This article is straightforward in that if you’ve installed an operating system before this won’t be an issue. The recommended installation medium is Rufus. Rufus creates a bootable thumb drive where you can place [.]img or [.]iso images. Thumb drives have a far higher data rate transfer than DVD’s making the installation quick.