Stability on XenServer
127 views
Skip to first unread message
br0kan
Nov 24, 2013, 12:37:03 PM11/24/13
to securit...@googlegroups.com
Has anyone had any success running the latest version of SecurityOnion on XenServer? If so, what is your recommended build? I've been having all kinds of stability issues on both the client and the server. I've got a relatively simple setup that is primarily aiming to just run Snort and Snorby.
Matt Gregory
Nov 24, 2013, 2:42:47 PM11/24/13
to securit...@googlegroups.com
I haven't used XenServer so I can't answer specifically, but have you tried running a bare Ubuntu 12.04 install on it to see if you have the same problems? It seems like stability issues would have more to do with the OS than anything installed within the OS.
Matt
On Nov 24, 2013 1:14 PM, "br0kan" <mont...@gmail.com> wrote:
Has anyone had any success running the latest version of SecurityOnion on XenServer? If so, what is your recommended build? I've been having all kinds of stability issues on both the client and the server. I've got a relatively simple setup that is primarily aiming to just run Snort and Snorby.
--
You received this message because you are subscribed to the Google Groups "security-onion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
To post to this group, send email to securit...@googlegroups.com.
Visit this group at http://groups.google.com/group/security-onion.
For more options, visit https://groups.google.com/groups/opt_out.
Doug Burks
Nov 24, 2013, 3:37:21 PM11/24/13
to securit...@googlegroups.com
Hi br0kan,
Have you seen this video?
http://www.youtube.com/watch?v=NRNxT6o9A9g
Are you following the Installation guide?
https://code.google.com/p/security-onion/wiki/Installation
What kinds of stability issues are you referring to?
Please send the output of the following:
sudo sostat-redacted
It will redact IPv4 addresses, but there may be additional data that
you need to manually redact.
If you don't have sostat-redacted, you can either install all
available updates or do "sudo sostat" and manually redact.
On Sun, Nov 24, 2013 at 12:37 PM, br0kan <mont...@gmail.com> wrote:
> Has anyone had any success running the latest version of SecurityOnion on XenServer? If so, what is your recommended build? I've been having all kinds of stability issues on both the client and the server. I've got a relatively simple setup that is primarily aiming to just run Snort and Snorby.
>
Doug Burks
http://securityonion.net
Have you seen this video?
http://www.youtube.com/watch?v=NRNxT6o9A9g
Are you following the Installation guide?
https://code.google.com/p/security-onion/wiki/Installation
What kinds of stability issues are you referring to?
Please send the output of the following:
sudo sostat-redacted
It will redact IPv4 addresses, but there may be additional data that
you need to manually redact.
If you don't have sostat-redacted, you can either install all
available updates or do "sudo sostat" and manually redact.
On Sun, Nov 24, 2013 at 12:37 PM, br0kan <mont...@gmail.com> wrote:
> Has anyone had any success running the latest version of SecurityOnion on XenServer? If so, what is your recommended build? I've been having all kinds of stability issues on both the client and the server. I've got a relatively simple setup that is primarily aiming to just run Snort and Snorby.
>
> --
> You received this message because you are subscribed to the Google Groups "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at http://groups.google.com/group/security-onion.
> For more options, visit https://groups.google.com/groups/opt_out.
--
> You received this message because you are subscribed to the Google Groups "security-onion" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to security-onio...@googlegroups.com.
> To post to this group, send email to securit...@googlegroups.com.
> Visit this group at http://groups.google.com/group/security-onion.
> For more options, visit https://groups.google.com/groups/opt_out.
Doug Burks
http://securityonion.net
Jaskamal Singh Saimbi
Dec 25, 2013, 3:30:59 AM12/25/13
to securit...@googlegroups.com
Hi Doug,
I am in the process of building a Xenserver lab with SO sniffing everything going out and in on the inside interface of my pfSense VM. My problem is, I can't find a way to mirror traffic form one virtual port(inside of pfsense) to the SO sensor interface. The ESXi guys seems to have an option (http://www.forwardingplane.net/2013/07/building-a-secured-network-in-a-box/)
I would be very glad if you help me out here.
Doug Burks
Dec 26, 2013, 6:07:58 AM12/26/13
to securit...@googlegroups.com
Hi Jaskamal,
Have you tried searching the Xen documentation?
http://support.citrix.com/article/CTX121729
Have you tried searching the Xen documentation?
http://support.citrix.com/article/CTX121729
Reply all
Reply to author
Forward
0 new messages