Man this is awesome. I always had a hurdle with specific setup of security onion and your process here helped me see my error in the network adapter setup. So thankful I found this.
For all the ways you can connect with me on social media and support the channel head to cyberwarriorstudios.bio.link
Thank you for showing the steps and your explaination it helps alot for new joiner like me !!!!!!
I am going to have to install my home lab!
Great, many thanks!
Make more vedios on security onion.
I have 3 out now, will be working on more in the future don't worry.
I have downloaded 2.3.110, but at the installation stage, enter something boot. so when i download the iso file is there any need to verify? and how to verify?
Love the video, I am installing inside virtual box. I have both network adapters setup #1 set to NAT and #2 set as internal network. I'm really confused when it asks what network to install on the managment NIC. My host ip is 10.0.0.0/24
quick question, if i'm using pfsense as the gateway, should I select "Proxy" or "Direct" when connecting to the Internet?
If you are using pfsense as the gateway then I would assume Proxy, however since I haven't connected it like that before I cannot give you a definitive answer. If you play around and find the right answer please let me know so others can see it in the comments.
@@CyberWarriorStudios I got an invalid address:port error when I tried the-ip-address:80 using "Proxy". However, when I selected "Direct" it worked after a pfSense restart
Thank you for the update, hope everything continues to work for you and if you have any other questions please don't hesitate to reach out.
Okay folks, I am experiencing and issue and cannot find an answer anywhere. After a fresh installation of Onion production on Proxmox I cannot download the Windows Elastic Agent and just get a Windows download error saying network unavailable. I’ve searched everywhere for an answer any ideas?
*Hi, excellent video. My only way to install it, is through CentOS 7 and the /nsm partition wasn't created. Should I create it before installing Security Onion? Is really important that partition? Thanks a lot.*
Gus, if you are installing on top of CentOS 7 as opposed to the securityonion.iso file itself then yes you would need to create that partition. However, if you are using the iso it will partition your drives for you.
@@CyberWarriorStudios Thank you. I installed SecurityOnion from CentOS some days ago and I was checking that and endeed the partition is no there, but there was a NSM folder into /home partition. Is that a problem ? or would you recommend create the /nsm partition anyway?
Let me do some digging and find out. As I used their iso I have not run into this issue and only know what the documentation shows me.
i followed and it says "The IP being routed by linux is not the ip address assigned to the mangement interface (enp0s3). This is not a suppoerted configuration, please remediate and rerun"
do you know how to fix it?
I would need to look at your setup, I haven't run into that issue before.
could you make a video on how to set up seconion on distributed mode?
Let me do a cost analysis and see if I have the hardware for it. It would be interesting to see in a full blown lab which currently I do not have.
Nice video. My check is failing at 11:50 and giving me error- so-preflight script failed checking one or more URL required by setup. do you know how can i fix this? thanks
I will have to take a look at the error as I haven't seen it before.
@@CyberWarriorStudios sure, and one more question- how do I choose my static IP settings? I am using vmware workstation on my windows 11. how can i check which IP and Gateway to use?
@@SachinSharma-en8pt For which the management interface or the monitoring interface?
for some reason I can't access web interface, it says " took too long to respond" , how can I fix it ?
How soon after starting it up are you trying to get to the web? It can take some time for the webserver and all applications to start.
how long it is take for updating packages ? after 20 min still 2% .
I’ve seen that issue before, let me do some digging and see if I ever found the cause.
no matter whether I try and create a seconion machine with static ips or dhcp I can never access the actual web gui. Im not sure why I even followed this video step by step, what do u recommend.
for some odd reason during my installation process it gets stuck at "running post installation scripts" (takes 30 mins+ at that part) so I just restart the whole VM instead. Then it takes me to the login, once I input the credentials it says incorrect. I double check my login so I know its not. I read documentation to find this issue but it does not come up at all. Do you have any idea? I also have it running on CENT OS 7.
@@CyberWarriorStudios the installation took 2 hours which was weird to me so that's why I would stop it & restart the VM. So, instead of restarting it again I would just click inside the VM and press enter, and make sure the cursor continued to blink then after that it went to the reboot prompt allowing me to put in my credentials.
sir i install security onion but i didn't received thehive in its tool section
Nice video sir
But how to get the logs of other VM like ubuntu in security onion.
Please help
That would require setting up syslog or another forwarding service like rsyslog on your ubuntu box. I believe I have a video about that within this playlist.
Ok Sir Thanks , instantly i go through that video.
Thanks for the reply sir
is the ISO broken or something? Ive tried to install this on vmware workstation, virtualbox and vmware player and I get errors importing the ISO.
You shouldn't be importing the ISO you should be using the ISO to install the OS. I don't know of any issues with the ISO itself.
@@CyberWarriorStudios poor choice of words, yes I meant using the iso to install it. There’s gotta be a problem because I’ve tried this on different computers and everything and same error
@@CyberWarriorStudios oh yeah I did, it worked. I guess the one I had earlier was broken or something.
It happens, every so often a download looks like it completed properly but something gets corrupted in the process. If enough is downloaded to still look like a complete ISO though it seems legit.
After the configuration I am having login issues after powering off the VM.
After restart it shows 'securityonion login:' I type in the username hit enter then it asks for password and after I type in the password it displays 'login incorrect'. Weird thing is I can still log into the web interface. I know the username and password is correct I have reinstalled SO several times and double check the username and password. Anyone know what is wrong?
@Raymond Jones, before I go too deep into looking at the issues out of curiosity have you attempted to use root as the login username? I don't necessarily think that's right but without reviewing all the steps right now that is the first thing that comes to mind based on the little information I have. Failing that, let me look into all the different steps to install again and I'll get back to you on what could potentially cause this problem.
@@CyberWarriorStudios Thanks for checking on this your video was great.
I found that it says that 'user is not in the sudoers file. This incident will be reported.' I am using Centos 7 64 and the fixes I found for Ubuntu dont work so far but I have not tried everything.
@@RaymondJonesrejlive you may want to try look at RHEL or CentOS fixes since CentOS is the free version of RHEL
@@RaymondJonesrejlive No problem, I'm still looking into this while working on some other projects. So if you find the fix in the mean time please let me know.
dont deny it Mr Warrior you are WoW player xD
Honestly I think I played it once but wasn’t a fan I preferred Star Wars
Your microphone is a bit wonky
I’ve changed things a bit so I’ll end up re recording this series with the updated SO and hopefully the audio will be better
🧅🧅🖥🖥🖥🖥😎😎😎😎
Someone forgot to use promiscuous mode...
No I had 2 NICs one is in promiscuous mode the other is in management mode.
Don't forget if you like this video make sure to Like, Comment, and Subscribe if you haven't done so yet. Also check the description for all the ways you can follow and support the channel!