The onion podcast not updating
Installing VMWare tools on Security Onion is no different than installing VMWare tools on any other Linux guest OS.
In some cases we may want to disable a rule, or change the alert threshold.
Congratulations, you have successfully setup Security Onion, configured Snort to monitor your data, and are using Snorby to view alerts. He is responsible for providing IT security solutions to major enterprises and government organizations. Lakhani creates technical security strategies and leads security implementation projects for Fortune 500 companies.
You will need to ensure you are root when from this point forward. Part V: Setting up Security Onion Congratulations you have installed Security Onion Part VI: Using Security Onion The first thing we will want to do is update the Snort rules in Security Onion.
Open up a terminal window and enure you have root privileges.
Detailed instructions can be found here: may need to reboot your system after you install VMWare Tools.
These instructions can be modified to work on similar systems.
Here’s a one-liner that will do that: sudo apt-get update ; sudo apt-get install securityonion-pfring-module ; sudo apt-get dist-upgrade If you accidentally install both the kernel and PF_RING packages at the same time and then reboot and find out that PF_RING services (Snort and Suricata) are failing, you can reinstall the securityonion-pfring-module package: sudo apt-get install –reinstall securityonion-pfring-module NOTE: I used the sudo -i command to gain root privileges to system.It is not uncommon that you may need to perform this step several times before all updates are downloaded and installed.When all updates have finished installing, restart the system.You will use the email address and password you created during the setup script in Part V to login. Security incidents can be created based on rules (or multiple events).You may not have many alerts at this point, however, if you navigate to the “Events” menu bar, you should start seeing some traffic (assuming your monitoring interface is setup correctly). In this scenario you can see we have Dropbox and Bit Torrent traffic.Part III: Installing VMWare Tools (Optional) I personally prefer to install VMWare tools on my system.