I have watched the install videos and you installed the eval version, i plan on installing the desktop version and am wondering if i will still need to use the web interface to monitor traffic
You will need some kind of web browser whether its inside the Security Onion Desktop or on some other machine. If you have further questions or problems, please start a new discussion at securityonion.net/discuss. Thanks!
You can try it, but we do not recommend or support it. If you have further questions or problems, please start a new discussion at securityonion.net/discuss
You may be able to find MAC addresses by pivoting to PCAP and then opening that PCAP in Wireshark or some other PCAP utility. However, depending on how you're monitoring traffic, the MAC addresses shown may not actually be the MAC addresses of the actual endpoints. For this reason, most folks focus on IP addresses rather than MAC addresses. Depending on your network, you may be able to correlate an IP address to an actual device via DNS, DHCP, or other means. If you have further questions or problems, plese start a new discussion at securityonion.com/discuss rather than replying here on UA-cam. Thanks!
Thank you so much this is great. You are a gifted teacher.
Thanks for your kind words!
I have watched the install videos and you installed the eval version, i plan on installing the desktop version and am wondering if i will still need to use the web interface to monitor traffic
You will need some kind of web browser whether its inside the Security Onion Desktop or on some other machine. If you have further questions or problems, please start a new discussion at securityonion.net/discuss. Thanks!
Thank u ☺️
You're welcome!
is it okay if i install to a external SSD?
You can try it, but we do not recommend or support it.
If you have further questions or problems, please start a new discussion at securityonion.net/discuss
Are there real alarms in the evaluation or are the placeholders not real?
The alerts are real. If you have further questions or problems, please start a new discussion at securityonion.com/discuss. Thanks!
@@security-onion OK, how do I find the corresponding computers or devices? Only IP addresses are displayed but no MAC addresses.
You may be able to find MAC addresses by pivoting to PCAP and then opening that PCAP in Wireshark or some other PCAP utility. However, depending on how you're monitoring traffic, the MAC addresses shown may not actually be the MAC addresses of the actual endpoints. For this reason, most folks focus on IP addresses rather than MAC addresses. Depending on your network, you may be able to correlate an IP address to an actual device via DNS, DHCP, or other means. If you have further questions or problems, plese start a new discussion at securityonion.com/discuss rather than replying here on UA-cam. Thanks!