Advertisements

#AlienVault 5.0 install on ESXi 5.1.0

So after I finally got OSSEC working, I had kept running across references to AlienVault… well I finally realized AlienVault has OSSEC included as well as a number of other things… so figured I may as well attempt an install!

First off, AlienVault 5.0 does not seem to like the vmxnet3 drivers so I went back to the E1000

I will have to try http://bookmarklust.blogspot.com/2010/03/ossim-vmtools-and-you.html

This post explains how to install vmware tools on debian http://blog.rebelit.net/456

I was successful with installation and changing the NICS over to the vmxnet3 driver.

I want to just add one device, when I went to install the HIDS it was not easily apparent that you should click your node and then select the machine that drops down.

Gah, and you have to hit the ‘deploy’ button as well 😉

I definitely like that Alien automagically deploys the HIDS and sets up the key, having to do it manually is a chore 🙂

Now I’m trying to figure out assets 🙂

This is a great overview!

http://linoxide.com/security/install-configure-alienvault-siem-ossim/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: