Doug Burks edited this page Jul 14, 2018 · 30 revisions
Clone this wiki locally

If you want to quickly evaluate Security Onion on your preferred flavor of Ubuntu 16.04 64-bit (not using our ISO image), follow these steps:

  1. First, check the Hardware Requirements page.
  2. Download the ISO image for your preferred flavor of Ubuntu 16.04, verify the ISO image, and boot from it.
  3. Follow the prompts in the installer. When prompted to encrypt home folder or encrypt partition option, DO NOT enable this feature. When asked about automatic updates, DO NOT enable automatic updates.
  4. Reboot into your new installation.
  5. Login using the username/password you specified during installation.
  6. Verify that you have Internet connectivity. If necessary, configure your proxy settings.
  7. Log back in (using ssh -X if you’re installing on Ubuntu Server or a headless distro).
  8. Configure MySQL not to prompt for root password (Setup will generate a random password later):
    echo "debconf debconf/frontend select noninteractive" | sudo debconf-set-selections
  9. Clean apt list repository:
    sudo rm -rf /var/lib/apt/lists/*
    sudo apt-get update
  10. Add the Security Onion stable repository:
    sudo apt-get -y install software-properties-common
    sudo add-apt-repository -y ppa:securityonion/stable
    sudo apt-get update
  11. Install the securityonion-all metapackage:
    sudo apt-get -y install securityonion-all syslog-ng-core
  12. Update all packages:
    sudo soup
  13. Run the Setup wizard:
    sudo sosetup
    (Keep in mind, you will need to forward X for this to work:
  14. Follow the prompts.
  15. Analyze alerts using the Sguil client, or open a browser to https://localhost where you can access Squert and Kibana.
  16. Follow the upgrade process.

Please review the PostInstallation page.