4.2 Server Configuration Demo Part 2

00:00

All right, let's get started. So, in the interest of time, I have three pre built servers that will be using for this demonstration.

00:10

We have S O Master has so forward and eso storage. Each one of them has eight gigs of memory and four processors.

00:20

Um, the master and the storage node

00:24

each have just one network adapter. While the forward node has the management adapter as well as to sniffing interfaces. The tap that I'm using has to stiffing interfaces on It's 14 in and one for out. So

00:42

we need to interface is too

00:44

captured that traffic.

00:46

So for this demonstration, there are two ways that we could do it. What we could configure our servers. We could either go through the console in PHP virtual box, or we could do it through the terminal and putty using X 11 forwarding.

01:04

Since the console in PHP virtual box tends to be a little bit buggy, we will

01:12

use the terminal. We'll use sshh next 11 forwarding. I like using putty because you can pretty much always get a terminal.

01:23

So let's get started.

01:26

So there are a couple of things that we need to do to get X 11 forwarding toe work for us. First thing is we need to have,

01:37

uh, server running on our desktop to allow it. In this case, it is ex Ming server for me.

01:47

So we want to throw in our I P address.

01:55

When? Nine. To 1680 64.

01:59

Just to make things a little bit easier to read, I'm going to put everything in bold.

02:04

Then down under. Sshh, You need to go to x 11

02:07

and enable x 11 forwarding.

02:13

Okay, we have our terminal

02:15

user name and password.

02:19

Okay,

02:21

Let's just get all of our terminals open.

02:30

Let's do it.

02:32

62. Next.

02:38

Help.

02:40

Forgot things that we were supposed to set up on there.

02:45

Try that again.

02:52

Okay. Wanted appearance.

02:57

Bold. Okay.

02:59

Sssh. X 11 Enable x 11 Forwarding

03:30

cold again.

03:31

S S H X 11

03:34

enable x 11 forwarding. Okay,

03:38

I know. Right now, most of you. The x 11 doesn't make a whole lot of sense, but

03:44

in a moment it Well,

03:46

all right. So we have the three Putty sessions open

03:51

now. The first thing that I want to do in preparation of

03:54

running our configuration scripts is create a couple of user accounts,

04:00

So we do. Pseudo pseudo

04:06

pseudo had the user,

04:09

and we want to add a user for each one of our child nodes.

04:14

It is, ah, good best practice to have a user account created for each one of your child nodes. That is a separate username and separate password.

04:24

That way, if any of one of your child nodes is compromised, your entire network is not compromised.

04:30

So let's do it.

04:33

We'll do forward,

04:35

child.

04:48

This child's name is forward.

04:51

Something you should probably not name your actual child.

04:56

It's a different discussion,

04:58

okay? And we want

05:00

forward child to be in the pseudo er group.

05:03

Okay,

05:08

now let's do one for storage.

05:27

All right, now, let's get going on our set up scripts if you'll remember. When we were setting up our stand alone server, we went to the

05:40

desktop of our server and double clicked on the

05:44

security onion set up

05:46

icon on the desktop.

05:48

And then we got the little pop up window that guided us through, setting everything up well, typically with uh,

05:57

terminal session, you don't get pop up windows, but

06:00

by using X 11 forwarding redo

06:06

there we go.

06:10

So

06:12

what?

06:14

Welcome to security, Onion set up. It will set up all of these things for us. And guess we want to continue. That's why we're here,

06:21

asking if we want to set up our network interfaces. Yes, we do.

06:28

We only have one interface

06:30

that will be our management interface.

06:33

Let's do static.

06:36

My I P addresses don't change very often here, so I'm comfortable doing static

06:46

2 64

06:53

sub net mask to 55 to 55 to 50. I got zero

07:01

our gateway.

07:04

It'll be typically to be your

07:09

first i p address in your sub net. So that one

07:16

Deanna server

07:19

this will be that one as well.

07:23

On a lot of more corporate networks, you'll have dedicated D. N s servers outside of your

07:30

ah, router, which is what I'm using at home.

07:32

So if if you do have dedicated Deanna servers at work, then

07:38

care of those in here,

07:41

don't

07:42

we want our local domain name? I'm not created, so it's just domain.

07:49

And yes, we want to make changes.

07:53

So while that is working on rebooting,

07:57

okay, we lost her network connection. That's

08:01

get going on our forward node

08:09

okay?

08:11

Yes. Continue.

08:13

He has configured network interfaces.

08:18

All right, so our forward no do does have are sniffing interfaces. So we need to make sure to select our

08:26

one management interface.

08:28

That is. Oh, free. In this case,

08:33

we want to do static again.

08:39

That one's 62 not 42.

09:05

Same information as her manager.

09:22

Right. So I asked if you wanted to set up our sniffing interfaces, and that'll be e N p zero s nine and 10.

09:35

All right. These are all the changes we have. Our static i p we have our gateway i p network mask Deanna server D N s domain, and are sniffing interfaces. Yes, We want to make changes.

09:48

And yes, reboot.

09:52

Now our last one. This s o storage

10:03

direct. Yes. We want to continue.

10:07

Yes, configure network interfaces.

10:11

We only have one interface. Our storage note is not going to be sniffing anything, so we only need the management interface.

10:18

Do static again.

10:24

It's

10:28

storage. So it's 63.

10:39

All right,

10:50

Go.