Scribd Logo
Upload

Welcome to Scribd!

  • 12-Security Onion Installation

    Uploaded by

    mande
    122 views15 pages
    The document provides instructions for installing Security Onion on a VMware virtual machine. It describes downloading the Security Onion ISO file, creating a new VM in VMware with 200GB of storage, 3 network adapters, and installing Security Onion using the ISO file. Key steps include configuring the management interface with a static IP, monitoring interface, and Docker IP range. The username is set to "admin" and password is "Admin@12345".

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document provides instructions for installing Security Onion on a VMware virtual machine. It describes downloading the Security Onion ISO file, creating a new VM in VMware with 200GB of storage, 3 network adapters, and installing Security Onion using the ISO file. Key steps include configuring the management interface with a static IP, monitoring interface, and Docker IP range. The username is set to "admin" and password is "Admin@12345".

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    122 views15 pages

    12-Security Onion Installation

    Uploaded by

    mande
    The document provides instructions for installing Security Onion on a VMware virtual machine. It describes downloading the Security Onion ISO file, creating a new VM in VMware with 200GB of storage, 3 network adapters, and installing Security Onion using the ISO file. Key steps include configuring the management interface with a static IP, monitoring interface, and Docker IP range. The username is set to "admin" and password is "Admin@12345".

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 15

    Security Onion Installation:

    Download Security Onion .ISO file from below link.


    https://download.securityonion.net/file/securityonion/securityonion-2.3.250-20230519.iso

    Once you have VMware open, we can get started by clicking Create a New Virtual Machine. In
    the wizard, click Typical (recommended).

    1 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    Installer disc image file(iso): Browse for the Security Onion iso download and click Next.

    Select the guess operating system Linux and Version CentOS 7 64-bit and click Next.

    2 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    Name the virtual machine SecurityOnion and location where to store.

    Store virtual disk as a single file and set Maximum disk size (GB): 200 in this case.

    3 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    Click on Customize Hardware to change the setting.

    Initially, the VM only had one network adapter but based on our Lab Topology, we will need 2
    more interfaces for this lab. So click add then select network adapter to add. Also, remove
    things we do not need such as USB controller and sound card. Change the second Adopter
    setting to VMNet3 while second Adopter to VMNet5.

    4 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    Click Finish to close the Virtual Machine Settings and start the installation.

    Power on the machine and install security onion first option Install Security Onion 2.3.250.

    5 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    Press the ENTER Key to begin the installation process.

    Type yes when this pops up.

    Follow the other prompts and enter username and password in this case I set username admin
    and password two-time Admin@12345.

    6 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    Choose Yes and hit enter to continue.

    Select the first option Install choose OK and hit enter to continue.

    Select EVAL version and choose OK and hint enter to continue.

    7 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    Agree for the Elastic License, type AGREE in the box and choose OK hit enter to continue.

    Choose Yes and hit enter to continue.

    Type the hostname in this case the default securityonion choose OK and hit enter to continue.

    8 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    Choose Use Anyway hit enter to continue.

    We will use the first interface(ens32) as a management interface so we click space bar to select
    it and choose OK hit enter to continue.

    click space bar choose the STATIC click OK and hit enter to continue.

    9 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    Type the static IP address for Management Interface as per your NAT VMware workstation
    interface setting in my case 192.168.114.50/24

    Type the Gateway in my case 192.168.114.2 choose OK and hit enter to continue.

    Type the DNS Servers in my case I type 8.8.8.8 and 8.8.4.4 choose OK and hit enter.

    10 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    For search domain enter the domain name of your LAN network.

    Select OK to Continue.

    Next we select Standard choose OK and hit enter to continue.

    Select Direct and choose OK to continue the setup. We also want direct connectivity to the
    internet.

    11 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    We will next setup the monitoring interface which will be ens33.

    leave everything selected. Choose OK and hit enter to continue the setup.

    Leave as default since it already contains all the private IPs.

    12 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    leave everything selected. Choose OK and hit enter to continue the setup.

    We also want to keep the default Docker IP range.

    The next slide prompts us to create an email address to access the web interface.

    13 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    Type the password in this case Admin@12345.

    Repeat the password in this case Admin@12345.

    How we would like to access the web UI. You can leave this as IP choose OK and hit enter.

    14 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717


    Next page asked to allow NTP service ensure to select No and hit enter to continue.

    We will next be prompted with the follow but we don't want to run so-allow right now because
    we need to do something else before running it so-allow.

    On the summary page, take note of the access url. This is what you will enter to access Security
    Onion through the web interface.

    The installation in process it will take time to complete.

    15 | P a g e Created by Ahmad Ali E-Mail: ahmadalimsc@gmail.com , WhatsApp: 00966564303717

    You might also like