Time
1 hour 18 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:00
Hello and welcome to the next video on this course on OSSIM.
00:04
In this video, we're gonna configure our OSSIM server and our OSSIM sensor.
00:10
To start, log into your server.
00:14
Just to make sure I'm on the same page as my lab documentation,
00:18
I like the jailbreak.
00:21
double-check to make sure my IP address is the same.
00:26
To get back to that main screen,
00:29
you could hit exit and enter twice.
00:34
At this point, we can get into our system preferences
00:37
and configure our hostname.
00:45
Actually, configure the hostname to be identical to the name of the VM I set up.
00:53
Next, we can configure data source plugins.
01:03
A data source plugin is essentially a log parser.
01:07
For every different type of device you plan on sending to your OSSIM server,
01:11
you're gonna want a data source plugin to correlate.
01:18
For this lab environment, we're going to use syslog.
01:32
You could hit space to select
01:33
that, hit enter.
01:38
At this point, we can go back to the main screen and hit apply all changes.
01:53
Next up is our OSSIM sensor.
02:00
Go ahead and log in,
02:06
and just to start, I'm going to do the same basic checks that I did on the server.
02:14
Good there.
02:20
Now I'll change the hostname.
02:28
I wanna go ahead and add that data source plugin.
02:44
At this point, the process was identical to the server.
02:47
For every sensor, you're gonna have to give an AlienVault server IP and framework IP.
02:53
This tells the sensor where to send all the correlated events and logs it's gathering.
02:59
In this case, this will be our OSSIM server.
03:19
Perfect.
03:21
We have one task left, and that is to configure the network monitoring.
03:24
You should already be on the screen, so you can go ahead and hit enter.
03:30
At this point, the OSSIM sensor assumes that you want eth0 as your network interface.
03:38
But if you remember, we added an extra interface and added promiscuous mode to that one.
03:43
So we're gonna deselect eth0
03:46
and add eth1.
03:47
If you're unfamiliar with Linux, eth0 is the default interface.
03:52
Every interface you add after that will usually be eth1, eth2, etcetera.
03:58
That's how we know that eth1 is an extra added interface that we added for the promiscuous mode.
04:04
Go ahead, OK,
04:06
come back out of this
04:09
and apply all changes.
04:16
If you notice down at the bottom of the screen here
04:18
it says access the AlienVault web interface using the following URL.
04:24
That URL should be
04:26
the IP address associated with the OSSIM server.
04:29
This is how we know that the changes we made took effect.
04:33
At this point, we have properly configured the OSSIM sensor to talk to the OSSIM server.

AlienVault OSSIM

This course will use AlienVault OSSIM to showcase a Security Information and Event Management (SIEM) system. A SIEM is used to aggregate logs for all sources in a network, analyze the logs through a correlation engine, and generate alarms on malicious indicators and activity.

Instructed By

Anthony Isherwood
Instructor