The stars aligned and I stumbled upon NSMnow. This is an amazing little project that will analyze your system; download and install Barnyard2, SANCP, Snort, and Sguil; and automatically configure the whole thing! I ran NSMnow in a terminal chrooted into the Security Onion LiveCD build environment (courtesy of Reconstructor) and a few minutes later it was done. I generated a new ISO, booted it, ran the init script, and fired up the Sguil client. That was too easy!
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjDizRgeQMDZbB1WOeXN17ZOECLmq4v0QIEtJ2Nb1w_XzW1BghzWM5KFy0edgJsL9qPzCcjyAKezs-pfSW72DmAYjDHhxuv28RSBnSFxRRjNctZpS7XRfO5irDzIBQL6JQIY8i1t3Qiqo/s400/Picture+1.png)