InstallingOnUbuntu

If you want to quickly evaluate Security Onion on your preferred flavor of Ubuntu 12.04 32-bit/64-bit (not using our ISO image), follow these steps:

1. First, check the Hardware Requirements page.
2. Download the ISO image for your preferred flavor of Ubuntu 12.04.5, verify its checksum, and boot from it.
   
3. Follow the prompts in the installer, but see the two notes below first.
   
4. When prompted to encrypt home folder option, DO NOT enable this feature.
   
5. When asked about automatic updates, DO NOT enable automatic updates.
   
6. Reboot into your new installation.
   
7. Login using the username/password you specified during installation.
   
8. Verify that you have Internet connectivity. If necessary, configure your proxy settings.
   
9. Log back in (using ssh -X if you’re installing on Ubuntu Server or a headless distro).
   
10. Configure MySQL not to prompt for root password:
    

````

echo "debconf debconf/frontend select noninteractive" | sudo debconf-set-selections ````

1. Clean apt list repository:

````

sudo rm -rf /var/lib/apt/lists/* sudo apt-get update ````

1. Add the Security Onion stable repository:
   

````

sudo apt-get -y install python-software-properties sudo add-apt-repository -y ppa:securityonion/stable sudo apt-get update ````

1. Install the securityonion-all metapackage:
   

````

sudo apt-get -y install securityonion-all ````

1. Add your IP to the /etc/hosts.allow file and configure your iptables: (If you don't do this you won't be able to SSH in)
   

````

sudo gedit /etc/hosts.allow add line: sshd xxx.xxx.xxx.xxx/255.255.255.255 Flush IPTables (sosetup will configure properly) iptables -F ````

1. Run the Setup wizard:
   

````

sudo sosetup ````

1. Follow the prompts.
   
2. Analyze alerts using the Sguil client, or open a browser to https://localhost where you can access Squert, Snorby and ELSA.
   
3. Follow the upgrade process.

Please review the PostInstallation page.