Time
1 hour 18 minutes
Difficulty
Beginner
CEU/CPE
2

Video Description

This lesson covers how to install an OSSIM server. Participants receive step-by-step instructions for this process using the VirtualBox application. First, participants name their server; memory is then determined by how much is available on the machine. It is recommended to have at least four GB of RAM, but it's good to install nine.

Next, create a virtual hard disk. Be sure to select the fixed size option (as opposed to the default dynamically allocated option). Fixed size helps with performance, whereas the dynamically allocated option only assigns a maximum value for the space a VM can utilize: when the VM is first created its disk is as small as possible, and it increases in size as it is used. This can be limiting. A fixed size allows for the completion of more intense tasks. Next, choose the install location using the assigned value and choose the hard disk size with a minimum of 15-20 gigs.

After the storage is allocated, another processor needs to be given to the OSSIM server. This is done through the virtual machine's settings and gives the virtual machine more cores. Next, complete the installation of OSSIM, which is a Linux distribution. After the OSSIM is installed, first assign an IP address to the server, along with a subnet mask, gateway and name server. After completing installation and rebooting the OSSIM server, participants can log in and verify that everything is accurate. After the verification process, the OSSIM server is configured and ready for use.

Now, go into the network settings and place the VM on a host-only network. If using an all-in-one setup, be sure to add another network adapter and set promiscuous mode so that all traffic can be monitored. This concludes the installation process.
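The same build expressed as VBoxManage commands, as an added example that is not part of the original lesson. The VM name, file paths, the `vboxnet0` interface and the attachment type of the second adapter are assumptions; run without arguments, the script only prints the commands it would execute.

```shell
#!/bin/sh
# Added example: VBoxManage equivalent of the lesson's GUI steps (dry run by default).
# Assumed values (not from the lesson): VM name, file paths, host-only interface name.
VM="${VM:-ossim-server}"
ISO="${ISO:-$HOME/iso/ossim-installer.iso}"   # placeholder path to the OSSIM ISO
DISK="${DISK:-$HOME/vms/$VM.vdi}"
HOSTONLY_IF="${HOSTONLY_IF:-vboxnet0}"
RAM_MB="${RAM_MB:-4096}"       # lesson: at least 4 GB
CPUS="${CPUS:-2}"              # lesson: the appliance needs two cores to boot
DISK_GB="${DISK_GB:-20}"       # lesson: 15-20 GB minimum
ALL_IN_ONE="${ALL_IN_ONE:-0}"  # 1 = server also monitors traffic itself

# Print each command; execute it only when APPLY=1.
run() { if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi; }

# Refuse sizing below the lesson's minimums before touching VirtualBox.
check_sizing() {
  [ "$RAM_MB" -ge 4096 ] || { echo "RAM below 4096 MB" >&2; return 1; }
  [ "$CPUS" -ge 2 ] || { echo "need at least 2 cores" >&2; return 1; }
  [ "$DISK_GB" -ge 15 ] || { echo "disk below 15 GB" >&2; return 1; }
}

# Steps before installation: VM definition, fixed-size disk, installer ISO.
create_vm() {
  check_sizing || return 1
  run VBoxManage createvm --name "$VM" --ostype Debian_64 --register
  run VBoxManage modifyvm "$VM" --memory "$RAM_MB" --cpus "$CPUS"
  # --variant Fixed preallocates the whole disk instead of growing it on demand
  run VBoxManage createmedium disk --filename "$DISK" --size $((DISK_GB * 1024)) --variant Fixed
  run VBoxManage storagectl "$VM" --name SATA --add sata
  run VBoxManage storageattach "$VM" --storagectl SATA --port 0 --device 0 --type hdd --medium "$DISK"
  run VBoxManage storagectl "$VM" --name IDE --add ide
  run VBoxManage storageattach "$VM" --storagectl IDE --port 0 --device 0 --type dvddrive --medium "$ISO"
}

# Steps after installation and shutdown: host-only NIC, plus a promiscuous
# second NIC for an all-in-one setup (host-only for NIC 2 is an assumption).
attach_network() {
  run VBoxManage modifyvm "$VM" --nic1 hostonly --hostonlyadapter1 "$HOSTONLY_IF"
  if [ "$ALL_IN_ONE" = 1 ]; then
    run VBoxManage modifyvm "$VM" --nic2 hostonly --hostonlyadapter2 "$HOSTONLY_IF" --nicpromisc2 allow-all
  fi
}

case "${1:-}" in
  create)  create_vm ;;
  network) attach_network ;;
  *)       APPLY=0; create_vm && attach_network ;;  # no argument: print the plan only
esac
```

Run it with `APPLY=1` and the argument `create` before installing, then with `network` once the installed VM has been shut down.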

Video Transcription

00:03
Hello and welcome to the next video.
00:05
In this video, we'll be installing our OSSIM server.
00:09
To start, open VirtualBox.
00:12
Click New.
00:14
You can name the server whatever you like.
00:16
I try to stick with the general naming convention.
00:22
This is a Linux server,
00:24
and it's based on Debian.
00:30
Memory will largely be determined by how much you have available.
00:34
I'd recommend at least four gigs of RAM.
00:37
I'll give mine nine.
00:43
We're gonna create a virtual hard disk
00:46
VDI image.
00:50
By default, dynamically allocated is selected.
00:53
We're going to switch this to fixed size.
00:56
This helps with performance.
00:59
With dynamically allocated, you assign a max value your VM can take up.
01:03
When you first create the VM,
01:06
it'll be as small as possible, and as you use it, it'll increase in size.
01:11
A fixed size starts off at the large size.
01:15
This helps a lot with performance,
01:17
and will help more intensive tasks to complete.
01:25
In this section, we can choose our install location.
01:29
You click this arrow here,
01:30
you can choose where you want your VM.
01:34
If you remember in the previous video,
01:38
we created this handy chart.
01:42
Reference this chart and find your VM location
01:46
needs that value.
01:51
Okay,
01:53
Next up, we choose our virtual hard disk size.
01:56
I'd recommend 15 to 20 gigs at minimum.
02:05
I'll give mine 25
02:09
depending on how much size you take.
02:12
This process might take a while
02:25
For the future, I'll be fast forwarding these parts so you don't have to watch a loading bar go up.
02:36
Now that we have the storage allocated, we need to give another processor to our OSSIM server.
02:42
If you right-click and hit Settings,
02:44
you'll see all the settings available for our virtual machine.
02:46
Click System
02:49
processor.
02:52
And here is where we'll give at least one more core to our machine.
02:55
All the AlienVault OSSIM appliances require at least two cores to boot.
03:00
If you have more cores, feel free to give your OSSIM server an extra core.
03:12
Make sure the server is selected and hit Start.
03:19
You'll see a little pop-up.
03:21
Click this arrow
03:23
and navigate to the AlienVault OSSIM image.
03:37
We're gonna select the OSSIM installation
03:42
and the process begins.
03:44
If you've ever installed a Linux distribution in the past, this process should be very familiar.
03:50
We're gonna select our language
03:52
location,
03:53
keyboard layout.
04:06
And again, any lengthy installation I'll be fast forwarding.
04:27
If you remember back to our chart, we've assigned an IP address to the server.
04:43
If you picked a normal IP addressing scheme, your subnet mask should be correct.
04:49
Same with the gateway
04:51
and the name server.
05:03
At this point, you can type in any root password you like.
05:08
Ordinarily, I'd recommend something complex, but in this kind of environment, I usually try to make it pretty simple.
05:24
Now we select our time zone.
06:02
Now that we've finished our installation and the OSSIM server has rebooted, we can log in.
06:11
This is the password that we set earlier in installation.
06:19
So we'll have a video going over the configuration here. But for now, we're just gonna shut down our clients.
06:34
Now, if you're impatient, you could shut down the VM through VirtualBox.
06:39
But I found that sometimes just closing it the way it's meant to be closed is beneficial.
07:00
Okay,
07:02
At this point, our OSSIM server is configured.
07:09
Go into the settings
07:10
network.
07:11
We're gonna change our network adapter type.
07:15
We're gonna be putting our VM on a host-only network.
07:23
At this point, if you have an all-in-one setup, you're gonna want to add another network adapter.
07:30
If you do add another network adapter,
07:33
you're also going to wanna set the promiscuous mode
07:36
to Allow All or Allow VMs.
07:41
Since I'm doing a separate sensor, we'll revisit that again later.
07:49
This concludes our installation of the OSSIM server. In our next video, we'll install our OSSIM sensor.

Up Next

AlienVault OSSIM

This course will use AlienVault OSSIM to showcase a Security Information and Event Management (SIEM) system. A SIEM is used to aggregate logs from all sources in a network, analyze the logs through a correlation engine, and generate alarms on malicious indicators and activity.

Instructed By

Anthony Isherwood
Instructor