Chapter 9

Live traffic analytics using “Security Onion”

Abstract

Here, we show how to install and use the Security Onion open-source appliance in combination with network probes. With distributed intrusion detection and centralized logging, we show how real-time detection and post-attack trend analysis can be implemented in practice.

Keywords

Security Onion
intrusion detection
probes

Security Onion is a roll-up distribution of Ubuntu Linux with many live traffic analytics utilities preinstalled for you. In addition, Security Onion adds a lot of value-added linking between those tools to make live monitoring possible. Whereas tools like Kali Linux allow you to intentionally scan for vulnerabilities and generate DDoS and penetration attacks, Security Onion is all about ...
