Free
Security Onion
Security Onion is an open-source Network Security Monitoring and log management Linux Distribution. In this Security Onion course, you will explore the history, components, and architecture of the distro to improve your networking skills. Learn how to install and deploy server architectures, as well as how to replay or sniff traffic.

3
H
10
M
Time
beginner
difficulty
3
ceu/cpe
Course Content
10.4 Domain Stats and Frequency Server
Module 10: Other Functionality
10.3 DNS Anomaly Detection Script
Module 10: Other Functionality
10.2 Wazuh/OSSEC Functionality
Module 10: Other Functionality
10.1 Lesson 10 Overview
Module 10: Other Functionality
9.6 Other Helpful Commands and Tips
Module 9: Management Tips and Best Practices
9.5 Autocat Rules Management
Module 9: Management Tips and Best Practices
9.4 IDS Rules Management
Module 9: Management Tips and Best Practices
9.3 Proxy Settings
Module 9: Management Tips and Best Practices
9.2 Salt Tips
Module 9: Management Tips and Best Practices
9.1 Lesson 9 Agenda
Module 9: Management Tips and Best Practices
8.3 SSH Success
Module 8: Sniffing Traffic in a Distributed Environment
8.2 Traffic Overview in Kibana
Module 8: Sniffing Traffic in a Distributed Environment
8.1 Sniffing Traffic
Module 8: Sniffing Traffic in a Distributed Environment
7.4 Review
Module 7: Replaying Traffic on a Standalone Server
7.3 TCPReplay Part 3
Module 7: Replaying Traffic on a Standalone Server
7.2 TCPReplay Part 2
Module 7: Replaying Traffic on a Standalone Server
7.1 TCPReplay Part 1
Module 7: Replaying Traffic on a Standalone Server
6.2 Resources Part 2
Module 6: Resources
6.1 Resources Part 1
Module 6: Resources
5.4 Security Onion Terminal
Module 5: Reviewing the Installation
5.3 Security Onion Web Browser Tools
Module 5: Reviewing the Installation
5.2 Checking System Services With sostat
Module 5: Reviewing the Installation
5.1 Server Installation Review
Module 5: Reviewing the Installation
4.3 Server Configuration Demo Part 3
Module 4: Installing a Distributed Environment
4.2 Server Configuration Demo Part 2
Module 4: Installing a Distributed Environment
Course Description
Overall, this course will allow you to learn how to maintain and update Security Onion.
Students should have networking knowledge (TCP/IP, Protocols, Packets, etc.), linux knowledge (mkdir, Is, vi, ifconfig, etc.), and security technology knowledge (IDS, Full Packet Capture, etc).