Links
Please note! This wiki is no longer maintained. Our documentation has moved to https://securityonion.net/docs/. Please update your bookmarks. You can find the latest version of this page at: https://securityonion.net/docs/Links.
Internet Storm Center: Snort on VMWare ESXi:
https://isc.sans.edu/diary/Running+Snort+on+VMWare+ESXi/15899
https://isc.sans.edu/diary/Running+Snort+on+ESXi+using+the+Distributed+Switch/16391
Brett Cunningham (@jbc22) and Micah Kays (cczkays): Honeypot - Adventures with Security Onion
http://marryware.blogspot.com/2012/07/honeypot-adventures-with-security-onion.html
dfirn00b: Using Security Onion to Find ZeroAccess Trojan
http://dfirjournal.wordpress.com/2012/07/19/more-zeroaccess/
Richard Bejtlich: How to Break Into Security, Bejtlich Edition
http://krebsonsecurity.com/2012/07/how-to-break-into-security-bejtlich-edition/
Ashley Deuble: Using and Configuring Security Onion to detect and prevent Web Application Attacks
http://www.sans.org/reading_room/whitepapers/detection/rss/_33980
Brett Cunningham and Micah Kays: Honeypot monitoring with Security Onion
http://5x5sec.blogspot.com/2012/06/honeypot-design.html
Andy Ratcliff: Security Onion vs DVWA
http://infosecmatters.blogspot.com/2012/06/sql-command-injection-lab-part-1.html
http://infosecmatters.blogspot.com/2012/06/sql-command-injection-lab-part-2.html
Security Onion mentioned in Jon Schipp's presentation at AIDE 2012
http://www.irongeek.com/i.php?page=videos/aide2012/an-introduction-to-traffic-analysis-a-pragmatic-approach-jon-shipp
Entrepreneur.com: Free Tools for Improving Online Security
http://www.entrepreneur.com/article/223572
Brad Shoop: Splunkin the Onion
http://eyeis.net/wp-content/uploads/2012/05/DC404-Splunkin-the-Onion.pdf
Brad Shoop's Splunk app for Security Onion
http://splunk-base.splunk.com/apps/45784/security-onion
Jason Wood: 2012 UTOSC - Peeling Back the Security Onion - Video
http://www.youtube.com/watch?v=KUnAJe8_ysw
Jason Wood: 2012 UTOSC - Peeling Back the Security Onion - Slides
http://tadaka.net/downloads/SecurityOnion-UTOS2012.pdf
Mark Hillick: Security Onion on a netbook
http://blog.markofu.com/2012/05/securityonion-on-netbook-with-port.html
Zero Slides @ IrissCon
http://blog.markofu.com/2012/11/zero-slides-irisscon.html
Peeling back your Network Layers with Security Onion
https://speakerdeck.com/markofu/peeling-back-your-network-layers-with-security-onion
Mark Hillick: HackEire
http://www.hackeire.net/2011/11/hackeire-2011-ramblings-part-1.html
http://www.hackeire.net/2011/12/hackeire-2011-ramblings-part-2.html
Packet Pushers Show 95 – Security Onion With Doug Burks -or- Why IDS Rules and IPS Drools
http://packetpushers.net/show-95-security-onion-with-doug-burks-or-why-ids-rules-and-ips-drools/
Brad Shoop: Clap…Be Amazed…Now Go Defend
http://eyeis.net/2012/03/clap-be-amazed-now-go-defend/
Ash: File Execution Vulnerability & Security Onion – Basics
http://security.crudtastic.com/?p=569
Andy Ratcliff: Installing Security Onion IDS/NSM on vSphere 5 with SPAN traffic from a Cisco switch
http://infosecmatters.blogspot.com/2012/04/installing-security-onion-idsnsm-on.html
Liam Randall
http://www.gigaco.com/tag/security-onion/
InfoSec Island Security Onion Intrusion Detection System Setup Tutorial
http://www.infosecisland.com/videos-view/19641-Security-Onion-Intrusion-Detection-System-Setup-Tutorial.html
Hakin9.org
http://hakin9.org/security-onion-exploiting-software-032012/
Stack Overflow
http://stackoverflow.com/tags/snort/info
PaulDotCom
http://pauldotcom.com/2012/01/security-onion---snorby-now-in.html
Network World
http://www.networkworld.com/community/blog/peeling-security-onion
Holistic InfoSec
http://holisticinfosec.org/toolsmith/pdf/may2011.pdf