ALIEN VAULT OSSIM 4.3.4 INSTALLATION & CONFIGURATION
1. Download OSSIM from the below mentioned URL.
http://www.alienvault.com/open-threat-exchange/projects#ossim-tab
2. write iso to cd using any iso burner (imgburn etc.)
3. Boot from CD and start installation of OSSIM 4.3.4
There are two types of installation
3.1 USM (Unified Security Management)
3.2 Sensor (log collector)
I have to configure a server for analysis and reporting for that i selected
USM.
4. Select language which ever you needs to be default and press "continue"
5. Select you country, if you didn't find in list then goto other to select your
country and press "continue"
6. Select region in which your country exist and press "continue"
7. Select you country and press "continue"
8. Select locale settings as default and press "continue"
9. Select your keyboard layout and press "Continue"
10. Add IP address (10.10.xxx.xxx) for your server and press "continue"
11. Add Netmask as per your IP scheme and press "continue"
12. Add default gateway IP for your server and press "continue"
13. Add the DNS address or use google dns e.g. 8.8.8.8 and press "continue"
14. Choose the password for your root account and press "continue"
15. Installer will configure all those settings and complete installation.
16. Login using root and password as you had chosen at the time of
installation.
17. AlienVault setup menu will be displayed, configure all required settings
as below.
System settings (network configuration, mail relay, local configuration,
Hostname)
System Updates (update, upgrade)
Configure Sensor (listening interface, server ip, Monitored networks,
data sources, netflow generator )
Maintenance (repair database, change password, reboot or shutdown
appliance, services)
Tools (tools to view logs or monitor server)
Jailbreak this Appliance (get the shellprompt to customize)
About (info about server)
Apply changes (After completing configuration, apply all those settings)
18. To access the dashboard use URL with your management interface IP.
https://10.10.x.x
1. Download OSSIM from the below mentioned URL.
http://www.alienvault.com/open-threat-exchange/projects#ossim-tab
2. write iso to cd using any iso burner (imgburn etc.)
3. Boot from CD and start installation of OSSIM 4.3.4
There are two types of installation
3.1 USM (Unified Security Management)
3.2 Sensor (log collector)
I have to configure a server for analysis and reporting for that i selected
USM.
4. Select language which ever you needs to be default and press "continue"
5. Select you country, if you didn't find in list then goto other to select your
country and press "continue"
6. Select region in which your country exist and press "continue"
7. Select you country and press "continue"
8. Select locale settings as default and press "continue"
9. Select your keyboard layout and press "Continue"
10. Add IP address (10.10.xxx.xxx) for your server and press "continue"
11. Add Netmask as per your IP scheme and press "continue"
12. Add default gateway IP for your server and press "continue"
13. Add the DNS address or use google dns e.g. 8.8.8.8 and press "continue"
14. Choose the password for your root account and press "continue"
15. Installer will configure all those settings and complete installation.
16. Login using root and password as you had chosen at the time of
installation.
17. AlienVault setup menu will be displayed, configure all required settings
as below.
System settings (network configuration, mail relay, local configuration,
Hostname)
System Updates (update, upgrade)
Configure Sensor (listening interface, server ip, Monitored networks,
data sources, netflow generator )
Maintenance (repair database, change password, reboot or shutdown
appliance, services)
Tools (tools to view logs or monitor server)
Jailbreak this Appliance (get the shellprompt to customize)
About (info about server)
Apply changes (After completing configuration, apply all those settings)
18. To access the dashboard use URL with your management interface IP.
https://10.10.x.x
No comments:
Post a Comment