Setting up Security Onion at home | By Z3R0th

Jun 10, 2020

First off, what exactly is Security Onion, and why do I care about this? Their website describes it as: “Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!”

Sounds awesome, right? And the best part of all of this is that it’s free!

There are a couple of different ways (that I know of) that you can set this up: on a spare computer that you don’t mind dedicating to becoming your Security Onion, or on a system dedicated to being an ESXi server. Luckily for you, I’ve done both!

1 Comment
rdhiman
2 years ago

This article is very informative, but I have some questions, as I have only a modem and an access point in my home and it’s not capable of configuring a span/mirror port.

How do I place this switch?

What would I need to configure on that switch?

And let’s say, if something goes wrong with the switch, will I continue getting internet through the access point?

If you can answer these questions, it will be a great help.

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023