Offensive Sec Blog

Security of Information, Threat Intelligence, Hacking, Offensive Security, Pentest, Open Source, Hackers Tools, Leaks, Pr1v8, Premium Courses Free, etc

Tuesday, January 5, 2016

Security Onion - Linux Distro For Intrusion Detection, Network Security Monitoring, And Log Management

           ,       No comments    



Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!


Easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes


Analyze your NIDS/HIDS alerts with Squert


Pivot between multiple data types with Sguil and send pcaps to Wireshark and NetworkMiner


Use ELSA to slice and dice your logs


Access full packet capture with CapMe


Snort/Suricata and Bro compiled with PF_RING to handle lots of traffic


Easy updates

Data Types

  • Alert data - HIDS alerts from OSSEC and NIDS alerts from Snort/Suricata
  • Asset data from Prads and Bro
  • Full content data from netsniff-ng
  • Host data via OSSEC and syslog-ng
  • Session data from Argus, Prads, and Bro
  • Transaction data - http/ftp/dns/ssl/other logs from Bro

Share:

0 comentários:

Post a Comment

Note: Only a member of this blog may post a comment.

Copyright © Offensive Sec Blog | Powered by OffensiveSec
Design by OffSec | Theme by Nasa Records | Distributed By Pirate Edition