Tuesday, June 30, 2009

Suggestions for the Security Onion LiveCD

I'm currently working on the next version of the Security Onion LiveCD. What specific packages/features would you like to see added to the Security Onion LiveCD? Post a comment here or contact me on Twitter. Thanks!

10 comments:

Anonymous said...

NAT, full router flexibility, and direct access to the internet from a computer on the local network. This should be possible?
al wills

Doug Burks said...

Hi Al,

You can certainly accomplish this with the iptables command. I will look at including fwbuilder in the future for a GUI frontend for iptables.

Please let me know if you have any further suggestions!

Thanks,
Doug Burks

router1 said...

NAT, full router flexibility, and direct access to the internet from a computer on the local network. Access from the local network only. This should be possible?
al wills

Doug Burks said...

"Access from the local network only"

This could mean a few different things and could be implemented either with a local iptables firewall or with the existing routing infrastructure already in place outside of the box.

Please let me know if you have any further questions or suggestions!

Thanks,
Doug Burks

Metasploit said...

Is it possible to combine Security Onion with BackTrack or use both of them at the same time?

Doug Burks said...

Hi Metasploit,

BackTrack 4 is based on Ubuntu (just like Security Onion) and is therefore a good candidate for using the NSMnow installer to install and configure Snort, Sguil, Barnyard2, Sancp, etc. Reference this post for more information.

Likewise, Snort 3.0 (SnortSP) Beta 3 can be installed and configured on BackTrack 4 using my tutorials here:
Installing Snort 3.0 (SnortSP) Beta 3 on Ubuntu 8.04 in 3 Steps
Integrating Snort 3.0 Beta 3 and Sguil in 3 Steps

Please let me know if you have any further questions.

Thanks,
Doug Burks

Metasploit said...

OK, thanks. And I have another question. Can I install it on a USB stick?

Doug Burks said...

Absolutely! You can use Unetbootin to install Security Onion on a bootable USB drive. For more information, please see:
http://pentestit.com/2009/06/28/boot-snort-sguil-usb/

Please let me know if you have any further questions or suggestions.

Thanks,
Doug Burks

plimop said...

Your link is dead.
Do you have a new one?

Doug Burks said...

Hi plimop,

You're commenting on a post from 2009. Look for a link on the right side of the page labeled "Download/Install" which should take you here:
http://code.google.com/p/security-onion/wiki/Installation