Customizing for Your Environment
This section covers how to customize Security Onion for your environment.
Network Configuration
Management interface
Sniffing interface(s)
Sample /etc/network/interfaces
Wireless interfaces
Proxy Configuration
Docker
sudo
PulledPork
Firewall
Setup defaults to only allowing port 22 (ssh)
Sensors automatically add their own firewall rules to the master server
UFW
Email Configuration
so-email
Sguil client
Manual Configuration
Operating System
Sguild
Wazuh
Zeek
Elastalert
Lack of network traffic
Changing IP Addresses
Update the actual IP address of the management interface
Update NSM config files to reflect the new IP address
Files to update when changing the IP address
NTP
Modifying
IDS Alerts