In this course I walk you through the process of setting up a small network (including both wired and wireless connectivity) that is designed for total network activity capture and analysis by Security Onion, a highly advanced free and open source server for network security monitoring. I provide step-by-step instructions on the hardware you will need, where you can get it, how to configure it for Security Onion, how to deploy Security Onion, and how to get started using some of Security Onion's powerful tools.
This class includes the following:
A diagrammatic overview (including a detailed description) of network architecture;
Details of specific required hardware and where it can be inexpensively acquired;
Hardware configurations to achieve the desired network architecture;
How to prepare the Security Onion software, install it onto hardware, and deploy it into the network;
Remote administration examples of the Security Onion server;
Network analysis examples using Security Onion's default network analyst tools.
I am actively expanding the content of this class, and new lectures will be added as they are completed. Lectures currently being recorded, edited, and voiced over include the following:
How to configure network devices for encrypted administration;
How to configure the Firefox web browser to alert when public keys have changed;
How to forward system logs from devices and hosts on the network to Security Onion for analysis;
How to configure FleetDM to monitor network hosts for known vulnerabilities in software.