Time
1 hour 18 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:01
Hello. Welcome to the next video.
00:03
In this video we'll be installing our OSSIM sensor.
00:07
This process is mostly the same as installing the server, but I'll walk you through it just in case.
00:14
We're gonna hit New,
00:18
follow our naming convention.
00:21
If you remember, this is a
00:23
Debian base
00:27
and memory size. This could be quite a bit less than the server, but I still recommend four gigs of RAM.
00:38
Create a virtual hard disk. VDI.
00:42
Remember to make sure we click fixed size
00:49
and again referring back to our documentation,
00:52
we could see that we want the sensor on a different drive than our server.
01:10
I'm going to give this
01:11
15 gigs,
01:18
remember, depending on how much space you give, it could take some time.
01:22
Usually anything below 20 gigs will get done pretty quickly.
01:46
Okay, Now we have our sensor to work with.
01:49
To start,
01:51
we're still gonna have to give our server, at least, uh, of course,
01:57
if you have more, I wouldn't recommend giving your sensor more than two cores, especially in a lab environment versus maybe a small business, something like that.
02:05
If you have any extra cores past two, I would give it to the server versus the sensor.
02:14
Let's start.
02:21
We're gonna select our
02:22
OSSIM image.
02:35
The largest differentiating factor is instead of clicking Install AlienVault OSSIM, we're gonna be installing AlienVault Sensor.
02:52
This part should be largely familiar.
03:23
For the IP address, remember to refer back to the lab diagram.
03:38
Netmask should be the same. Gateway should also be the same.
03:58
Now we enter the root password.
04:00
If you're installing this in
04:02
anything outside of a lab environment, really, like a small business or something like that, you're definitely gonna want
04:09
to make this a more complex password as well as different than the OSSIM server. I would recommend installing a password manager and creating randomly generated passwords for that. But since this is a lab environment, I'm gonna use the same password as the server just for simplicity's sake.
04:49
Time zone,
05:02
and now we have our install.
05:05
I'll fast-forward this part.
05:50
Okay, now that we have our sensor installed, we can go ahead and power down the VM for now.
06:00
This next step will apply to both the sensor or the server if you're doing an all-in-one setup.
06:05
So what we're gonna do is go into the machine settings,
06:10
go to Network,
06:15
switch the network to host-only.
06:17
We're actually gonna add another adapter,
06:21
and it's gonna be for our
06:25
network intrusion detection.
06:27
We're gonna allow promiscuous mode.
06:30
This allows this network adapter
06:32
to sense all the network traffic coursing through this virtual environment we have.
06:39
Ideally, in a production system, you're gonna have a switch with a SPAN port or something like that,
06:45
and it'll mirror the network traffic going through the network. But for a lab setup, you can just hit promiscuous mode and it will do the same thing.
06:59
And now we're done.
07:01
If you wanted to test your systems, you can log in.
07:25
I usually like to verify connectivity between the two. So what you can do is jailbreak into one of the systems
07:35
and make sure ping works.
07:39
This is just a good double check to make sure we have our bases covered.
07:45
Now that we have these two systems installed, we can configure them.

AlienVault OSSIM

This course will use AlienVault OSSIM to showcase a Security Information and Event Management (SIEM) system. A SIEM is used to aggregate logs for all sources in a network, analyze the logs through a correlation engine, and generate alarms on malicious indicators and activity.

Instructed By

Anthony Isherwood
Instructor