“Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!”
I virtualized this under my XenServer all-in-one host. This host has the resources to host a VM like this. It also contains my virtual pfSense firewall performing inter-VLAN routing and numerous virtual machines, so the Open vSwitch bridge is seeing nearly all the packets bouncing around my home network.