3.1 Security Onion Download and Installation Part 1

Video Transcript

Hey, folks, welcome to Lesson three of Intro to Security Onion. I'm Karl. And in this lesson, we will be installing a standalone Security Onion server. So for the agenda, first we'll see how to download the ISO image for Security Onion. Next, we'll see how to set up a virtual machine to host our Security Onion instance. Once that's all set up, we'll go over installing the OS and configuring it as a standalone server.

And finally, we'll upgrade the system once it's all been configured. Right, before we jump into downloading and installing that ISO image, let's review the requirements for the VM. You want to make sure your VM has at least four CPU cores, eight gigabytes of memory and at least 10 gigabytes of storage. If you go below these numbers, especially on the memory and cores, you may have issues with your VM that you won't really want to fight. In this demo, I will build the VM on my laptop to show you the process, but I won't be able to give it all of the needed resources, since my laptop isn't powerful enough, so I will move it to a virtualization server later and bump up the resources to make it usable.

All right, let's get started. The first thing that we'll want to do is download the ISO image from the Security Onion GitHub page here. Then after that, we'll want to create a virtual machine in your hypervisor of choice. You can do it with VirtualBox or VMware Player; they're both good options. Then from there we'll install Security Onion, run through security scripts and update our system.

So I already have this website pulled up here. So this is the GitHub page that I linked in our slides. We can download our ISO image here. We also have our signatures to make sure that our ISO image is coming from the right source and nothing has been corrupted. For the sake of this demonstration, we won't worry too much about that. So we will jump right over to, uh, VMware. So we will open VMware. In this case I'm using VMware Workstation 14 Player. We will create a new virtual machine.

You want to grab installer disc image, ISO. Right now I have Ubuntu selected. We want to grab Security Onion. In this case, I downloaded this a couple months back, so almost four months, but it should still be fine. We'll update the system. Okay, so, virtual machine, er, VMware, excuse me, could not detect the operating system, which is understandable. So we'll tell it that it's Linux, Ubuntu 64-bit, because Security Onion is built on Ubuntu. Say next. We'll name it Security Onion Cybrary. We'll say 20 gig is fine. We'll split it into multiple files. Fine. Let's customize our hardware. So Kibana likes...

Technically, Kibana likes to have eight gigs of memory to run properly, but my laptop only has eight gigs, so in favor of not crashing my laptop we'll only give it four, and we'll just say two processors, two cores. That's fine. Now for a network adapter, we'll just use NAT, but that will be our management interface. We want to add a second network adapter for our sniffing or playback interface. For that, we will say host-only, and all of our other settings are just fine. We'll say close. It all looks fine.

Say finish. And now we can play our virtual machine. All right. Okay. You can just ignore that. On this, uh, boot Security Onion, as you can see here. If I want to return to my computer, you hit Ctrl+Alt. It's one of the things to remember when you're working with virtual machines: if you get stuck and can't get back out, just hit Ctrl+Alt and you get your mouse back. Right. It'll take just a moment to boot. It'll automatically log in for us. There we go. All right, we have our home screen. And now, if you wanted to take Security Onion for a quick test drive, you could run through the applications here. We've got some of the system tools.

Just accessories. Play around with some of the stuff. Ah, but to really get into it, we want to install Security Onion. And we are getting this pop-up down here, asking us if we want to install VMware Tools. If you're going to be using your Security Onion or just any virtual machine instance a decent amount, I'd recommend installing the tools. We won't cover it in here just because it's not really necessary for what we're doing. But this will allow you to share clipboards.

It'll allow you to resize the screen, things like that, so they can be pretty helpful. So we have our install script here. If you've ever installed Ubuntu before, it should be fairly familiar. So we choose English. Yes, that is what I'm currently speaking. Say continue. Thinks for a minute. So we won't worry about downloading updates while installing. We won't install third-party tools. Third-party tools mean more vulnerabilities, potentially. Okay, erase disk. That's fine. Don't think we'll need LVM, but we'll select that anyway.

All right, it's asking if these partition tables are fine. We'll say OK. So I live in Salt Lake, so we'll say Denver is fine. That's the closest big city that's recognized in my time zone. All right, so we have English, English. This is kind of an annoying thing with running the install script: you have to move the screen over, the window over, because since we don't have any of the VMware Tools installed, we can't resize.

All right, so my name is Carl King. Security Onion Cybrary. We will pick a password. All right. So right now it is installing. This will likely take a couple of minutes for everything to copy over. So I think we'll just skip to the end. All right, so we skipped over all of the copying of files and installation. All told, it took about 15 minutes. Typically, it should be a bit quicker than that, but my laptop's getting a little bit old. So you have installation complete. We can continue testing here. We didn't do much testing, so there's nothing really to continue, so here we will just restart.

Course link:
Security Onion
Security Onion is an open-source Network Security Monitoring and log management Linux Distribution. In this Security Onion course, you will explore the history, components, and architecture of the distro to improve your networking skills. Learn how to install and deploy server architectures, as well as how to replay or sniff traffic.
Instructed by
Karl Hansen

Cyber Security Analyst skilled in incident response, and managing Cyber Security Monitoring tools.