Security Onion Blog

Thursday, June 4, 2009

The Security Onion LiveCD is now available!

The Security Onion LiveCD is now available! You can download it from the following location:
http://distro.ibiblio.org/pub/linux/distributions/security-onion/

What is it?
The Security Onion LiveCD is a bootable CD that contains software used for installing, configuring, and testing Intrusion Detection Systems.

What software does it contain?
The Security Onion LiveCD is based on Xubuntu 9.04 and contains Snort 2.8.4.1, Snort 3.0.0b3 (Beta), sguil, idswakeup, nmap, metasploit, scapy, hping, fragroute, fragrouter, netcat, paketto, tcpreplay, and many other security tools.

What can it be used for?
  • The Security Onion LiveCD can be used for Intrusion Detection. Simply boot the CD and double-click either the Snort-Sguil or SnortSP-Sguil desktop shortcuts. The Snort and Sguil daemons will then start, listening on eth0 for any suspicious traffic and creating alerts in the Sguil console.
  • The Security Onion LiveCD can be used to test an Intrusion Detection System. Simply boot the CD and use the included tools (such as nmap, metasploit, idswakeup, scapy, hping, and others) to test your existing IDS or to test the included Snort 2.8.4.1 and Snort 3.0 Beta 3.
  • The Security Onion LiveCD can be used to install an Intrusion Detection System. Simply boot the CD and double-click the Install desktop shortcut. For more information about installation, please see the README desktop shortcut.
You can read more about the Security Onion LiveCD (and, specifically, the integration of Snort 3.0 and Sguil) in my SANS GCIA Gold Paper "Snort 3.0 Beta 3 for Analysts".

Please take a look at the Security Onion LiveCD and let me know what you think!

* Special thanks to:
  • Marty Roesch and the whole SourceFire team for all of their work these last 10 years to get Snort to where it is today.
  • The Sguil team for the best open-source tool to manage Snort alerts.
  • The SecurixLive crew for their awesome NSMnow installer, the easiest way to install and configure Snort/Sguil on Ubuntu Linux.
  • Ubuntu (and Debian) for their well-made Linux distribution(s).
  • The Reconstructor team for a very easy to use tool for remastering Ubuntu LiveCDs.
  • All developers in the open-source community who work so hard and produce such amazing tools.
at
Labels: , , , , , , , , , , , , , , ,

3 comments:

Anonymous said...

Download link is broken!

October 3, 2012 at 4:50 AM
Doug Burks said...

Hi Anonymous,

This post is from 2009. Please see the download link on the right side of the page.

Thanks,
Doug

October 3, 2012 at 5:58 AM
Anonymous said...

This is the best way to test new systems at the University.

Thank you, so much for your efforts.

God Bless, a fellow Christian.

December 21, 2012 at 12:58 PM

Post a Comment

Subscribe to: Post Comments (Atom)

Search This Blog

Featured Post

Cyber Monday Discount for Security Onion Merch and On-Demand Training!

We are thankful for our customers and community! As a way of saying thanks, we'd like to offer you a Cyber Monday discount on our merch ...

Popular Posts

  • Community Webinars featuring Security Onion
    Thanks to all who attended the Zeek webinar on May 27! For those weren't able to join, the recording should be available soon and we wi...
  • Security Onion 2.4 Base OS
    Introduction Recent events have forced us to change course on the base operating system (OS) for Security Onion 2.4.  On 6/21/2023, Red Hat ...
  • Security Advisory for Squert
    Introduction Jeffrey Medsger reported several command injection and SQL injection vulnerabilities in Squert.  Wes Lambert also discovered s...

Blog Archive