telot Posted October 31, 2012 Share Posted October 31, 2012 I wanted to add this to the pinned topic with the same name, but it appears to be locked. A great use I've found for an old computer is to turn it into an IDS for my home. I saw a great talk at DerbyCon about Security Onion which gave me the idea. Basically its the BackTrack for blue teams. It can become rather RAM intensive for large scale deployments, but for a home/small business use its pretty do-able (I'm rocking 2GB for my little house setup and it runs fine - I plan to put one at my office of 4 people with 4GB ram). I've got it running on my entire network (me and wifey and dog) most of the time just playing around, but sometimes I hook it up with my proxmox box and vlan it out into a testing network for great fun and profit. Plus at Derbycon the creator announced a 64bit version finally, so all the better for enterprise-level! http://securityonion.blogspot.com telot Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted October 31, 2012 Share Posted October 31, 2012 I tried SecurityOnion early on. Would have been nice to talk with the guy about it, but I didn't go to his talk. Early on it had some issue where it would just lock up system resources. Hopefully that has been fixed, I may give it a second chance :P Quote Link to comment Share on other sites More sharing options...
telot Posted October 31, 2012 Author Share Posted October 31, 2012 Yeah, now that they've brought up their own apt-get repo, its pretty awesome. Just load up ubuntu (desktop or server with a gui) as normal, add their URL, and load it up. It comes just as configured (save for the desktop shortcuts I guess) as the live disk. The 64bit support has really opened the doors for government/enterprise deployments (multiple quadcore procs, 64GB of ram type of setups for monitoring a gigabit line with thousands of users). His talk was pretty awesome - the guy is a total anti-hacker through and through (bright colored shirts, christian, has kids, etc) and said he's made it his lifes mission to thwart black hats. There were so many audience questions that we had to go into another room afterwards so he could get to all of us...I'm not sure if that was recorded or not (Adrian was in and out of the room, not sure if he got it working though). Definitely worth checking out. And its a total shame we didn't get to connect at Derby Mr. P - it would've been nice to shake hands with the legend of the hak5 forums :D telot Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.