Want to show your support for Security Onion?
Several folks have asked about Security Onion t-shirts and they are available in our CafePress store!
Training
We have online training classes starting next Monday:
Commercial Support
Need commercial support? Please see:
Feedback
If you have any questions or problems, please use our security-onion mailing list:
Thanks!
ISO Boot Menu
Boot splash
Installer - Welcome
Installer - Preparing
Installer - Installation Type (now with LVM)
Installer - Verify disk changes
Installer - Time Zone
Installer - Keyboard Layout
Installer - hostname, username, and password
Installer - Copying files
Installer - Installation Complete
Installer - ready to reboot
GRUB Boot Menu
Login screen
Desktop
Installing updates with soup
Setup - Welcome
Setup - Network Interfaces
Setup - Management Interface
Setup - IP Address for Management Interface
Setup - Monitor (sniffing) interfaces
Setup - Monitor (sniffing) interfaces
Setup - Verify Choices
Setup - Network Configuration Complete
Reboot and log back in
Run Setup Phase 2
Setup - Welcome
Setup - Skip Network Configuration
Setup - Evaluation Mode or Production Mode
Setup - Monitor (sniffing) interface
Setup - Username
Setup - Password
Setup - Confirm Password
Setup - Confirm Options
Setup - Progress Bar
Setup - Complete
Setup - sostat
Setup - Rules
Setup - links
Setup - commercial support
Verifying services
Replaying pcaps to create traffic
Launching Squert web interface
Logging into Squert
Squert Main Page
Squert - drilling into a NIDS alert
Squert - viewing NIDS alert payload
Squert - viewing full packet capture
Squert - Geoip Mapping
Squert - Top Signatures
Squert - Top IP Addresses
Squert - Top Countries
Squert - Top Ports
Squert - Sankey Diagram
Logging into Sguil
Sguil - selecting networks (sensors)
Sguil RealTime Events tab
Sguil - pivoting from a NIDS alert to full packet capture
Pivoting from a NIDS alert and sending pcap to Wireshark
Pivoting from a NIDS alert and sending pcap to NetworkMiner
Pivoting from a NIDS alert and decoding gzip-encoded data using Bro
Logging into ELSA
ELSA - Connections - Top SRC IPs
ELSA - Connections - Top DST IPs
ELSA - Connections - Top DST Ports
ELSA - Connections - Top Services
ELSA - Connections - Groupby Protocol
ELSA - Connections - Groupby Responder's Country Code
ELSA - DHCP - Top Assigned IPs
ELSA - DHCP - DHCP Servers
ELSA - DNS - Top Query Type
ELSA - DNS - Top Return Code
ELSA - Top nxdomain
ELSA - Files - MIME Types
ELSA - FTP - Top arg
ELSA - HTTP - Top DST Ports
ELSA - HTTP - Top MIME Types
ELSA - HTTP - Top User Agents
ELSA - HTTP - Top Sites
ELSA - HTTP - Sites hosting EXEs
ELSA - HTTP - Sites hosting CABs
ELSA - HTTP - Sites Hosting JARs
ELSA - HTTP - Sites hosting SWFs
ELSA - HTTP - Sites hosting ZIPs
ELSA - Kerberos - Top Services
ELSA - Notices - Top Notice Types
ELSA - SMTP - Top Subjects
ELSA - Snort/Suricata - Top NIDS Alerts
ELSA - Software - Software Detected by Bro
ELSA - SSL - Top Hostnames