Security Onion
latest

Customizing for Your Environment

This section covers how to customize Security Onion for your environment.

  • Network Configuration
    • Management interface
    • Sniffing interface(s)
    • Sample /etc/network/interfaces
    • Wireless interfaces
  • Proxy Configuration
    • Docker
    • sudo
    • PulledPork
  • Firewall
    • Setup defaults to only allowing port 22 (ssh)
    • Sensors automatically add their own firewall rules to the master server
    • UFW
  • Email Configuration
    • so-email
    • Sguil client
    • Manual Configuration
    • Operating System
    • Sguild
    • Wazuh
    • Zeek
    • Elastalert
    • Lack of network traffic
  • Changing IP Addresses
    • Update the actual IP address of the management interface
    • Update NSM config files to reflect the new IP address
    • Files to update when changing the IP address
  • NTP
    • Modifying
    • IDS Alerts

© Copyright 2022. Revision 22325870.
