The Security Onion LiveDVD is a bootable DVD that contains software used for installing, configuring, and testing Intrusion Detection Systems.
Security Onion is a Linux distro that contains software used for installing, configuring, and testing Intrusion Detection Systems. It is based on Xubuntu 10.04 and contains Snort, Suricata, Sguil, Squert, Xplico, nmap, scapy, hping, netcat, tcpreplay, and many other security tools.
What can it be used for?
- Security Onion can be used for Intrusion Detection. Simply boot the DVD, double-click the Setup desktop shortcut, and follow the prompts. Once Setup completes, double-click the Sguil desktop shortcut to launch the GUI and view/investigate the alerts. (This is fine for temporary or demo environments, but production environments should not run from the LiveDVD environment. See installation information below.)
- Security Onion can be used to test an Intrusion Detection System. Simply boot the DVD and use the included tools (such as nmap, scapy, hping, Metasploit, and others) to test your existing IDS or to test the included Snort and Suricata IDS/IPS engines.
- Security Onion can be used to install an Intrusion Detection System. Simply boot the DVD and choose the Install option in the Boot Menu, or boot into the full live Desktop and double-click the Install desktop shortcut. Once you've completed the installation process and have rebooted into your new installation, install any available Ubuntu updates and then double-click the Setup desktop shortcut to configure Security Onion.