Security Onion
16.04


Customizing for Your Environment

This section covers how to customize Security Onion for your environment.

  • Network Configuration
    • Management interface
    • Sniffing interface(s)
    • Sample /etc/network/interfaces
    • Wireless interfaces
  • Proxy Configuration
    • Docker
    • sudo
    • PulledPork
  • Firewall
    • Setup defaults to only allowing port 22 (ssh)
    • Sensors automatically add their own firewall rules to the master server
    • UFW
  • Email Configuration
    • so-email
    • Sguil client
    • Manual Configuration
    • Operating System
    • Sguild
    • Wazuh
    • Zeek
    • Elastalert
    • Lack of network traffic
  • Changing IP Addresses
    • Update the actual IP address of the management interface
    • Update NSM config files to reflect the new IP address
    • Files to update when changing the IP address
  • NTP
    • Modifying
    • IDS Alerts

© Copyright 2021 Revision cd3a8f15.
