[Snort-users] Question about Sguil
doug.burks at ...11827...
Fri Jun 20 13:31:11 EDT 2014
On Fri, Jun 20, 2014 at 1:27 PM, Matt Martin <MMartin at ...16693...> wrote:
> Hey Doug, thanks for the reply!
> Is Security Onion required for Sguil, or just recommended?
Security Onion is not required, but it's the quickest and easiest way
to get Sguil up and running.
> Because I have Snort already installed on a Dell PowerEdge Server (*2950 I think is the model...), with 6 HDDs in a RAID5 Array and 8 Intel Xeon cores. This server was previously used for other purposes, but since most of our Servers have gone virtual we had a few servers lying around for me to choose from to install Snort on.
> From what I read, Security Onion is an OS/Linux Distro in and of itself, based on RedHat.
Yes, Security Onion is a complete Linux distro, but it is based on Ubuntu 12.04.
> And it comes with Snort, Barnyard2, etc already pre-installed... Is that correct?
Yes, Security Onion includes Snort, Barnyard2, etc. already pre-installed.
> While I was writing this I was speaking with my manager and we ARE going to give it a try. We are going to use one of our old email servers (*Dell something...) and we're going to install Security Onion and give it a go... Sounds promising!
Excellent, thanks! If you have any questions or problems regarding
Security Onion, please use our security-onion mailing list: