How to Install AlienVault OSSIM for Your Cyber Security Home Lab for FREE - The Ultimate SIEM Guide

Hello everyone, welcome to this video. Today we will see how we can download and install AlienVault OSSIM, which is a SIEM, security information and event management, or incident handling and response. So we will search in Google "AlienVault OSSIM", and then we'll click and download the ISO file. It's a free ISO file, open source. We will click on download and the download will start, as you can see, but I have already downloaded this. It will take some time for you, and then we can go ahead and open VirtualBox and start with the installation process. So when you click on download, you have to scroll down and then click again here, mode ISO, and it will start downloading, and it's around 717 megabytes. I'll cancel it and let's go.

So here I have downloaded the file, as you can see, AlienVault OSSIM 64-bit ISO file, and I have moved it to my D drive. And this is the ongoing lab setup, our ethical hacking lab, where we are installing some vulnerable operating system as well as attacking penetration testing operating system and some security operating system. So if you haven't checked that, you can see my earlier videos. And here you can see I have already configured pfSense, which is a firewall and working as a router. So pfSense now will act as a router in this local area network and assigning IP addresses, and I have also started Parrot Security in the same local area network, LAN. The pfSense will assign IP address to this as well as the AlienVault that we are going to install; we'll be using that LAN, local area network.

So quickly let's have a look in our network. You can see I have actually created a NAT network and I'm using the external network with IP address, this is the local area network actually, subnet 192.16800.0 and 198 168, this is actually taking the internet, pfSense is taking the internet. And also I have created one, let me go to pfSense. So NAT network will take the internet, and I have another adapter that is internal network with name
in0, and this internal network, we will be actually giving all the machine this network. So Parrot Security also is in this internal network, and the name of the internal network is in0, and pfSense is the default gateway, and Parrot Security will have internet access, and the internet will have, I mean, through the firewall. So as you can see, Parrot Security, this is in internal network, and this is the IP address. If I do ifconfig you can see Parrot Security is having 10.0.1.10. So this local area network default gateway IP address is 10. 10.0.1.1, which is the IP address of pfSense, and then DHCP, we can run n number of machine with this internal network named in0, where pfSense will assign different IP addresses. So not to complicate, let's proceed, and we are going to start the configuration.

So we have downloaded; now we will install. First we are going to create, add new. We'll click on New and then we'll name it as AlienVault OSSIM, and then we will select the folder, actually to D drive because I'm running out of space, and you can go with the default, just next, but for me I will just use another because I have a low space in C drive. So I will go ahead and go in the drive and I will select, here I have all the virtual machines actually, but I will select this folder. Now the type will be Linux and version is Ubuntu; we will use Ubuntu 64-bit, and then click on Next.

Here we are assigning around 4 GB of RAM, and I don't have much CPU, you can see I have only two CPUs, so I'll just use one for this, but if you have more CPUs then you can select two CPU minimum, and RAM 2 GB is also fine, but I'm using 4 GB for now, and then click on Next. Here you can assign like 12 to 18 minimum; I will assign here around 20 GB of RAM, and you can, if you have more, you can also increase this, like maybe or tgb, and we will click on Next. It will be dynamically allocated actually. So now we are good to go, we'll click on Finish and we'll go to
settings. In Settings we have to check the floppy; we will uncheck it and bring it down. Boot order, first from, will bring it down actually, so first from hard disk and then optical, that is CD. And then Display, we will increase, I mean the video memory, we will increase to full actually. And Storage, we have to click on the Empty and then select the ISO file that we just downloaded from the website, this one. So we will select that ISO file; it is located, I have moved it to D drive, Downloads folder. Here I have this ISO OSSIM file. Now I'll just click here. Then I will also go to Network, and in this I have only one adapter, and instead of NAT I will go to Internal Network, and I have selected internal network name in0. So this is my internal network actually, and this is the MAC address ending with B8. So this is done.

So now we will click on OK and then we'll start. So now it will boot and then it will start the installation process. So it's powering up, as you can see, 20 done already. Okay, so it's running. Now we will press Enter. Press Enter, or you will be presented with this screen. I will go with the default, just continue, click on Continue, and the country is United States. You can change your location if you want, but I will go with the default, or you can select any country actually. So right now we are good to go, just for demonstration purpose; you can select your country and all that. So keyboard American English, continue. Now it is detecting hardware and all, and then we have to assign IP address.

So this step is crucial, guys. If you don't know the IP address, you have to contact your network administrator, or you should have a little networking concept. So I have already set up the network as I have shown you earlier, and I'm using this in the internal network, and my internal network is set using the pfSense firewall, and Parrot Security is also in internal network, and Parrot Security is having IP address 10.0.1.10 and
the internal network is 10.0.1.1 24, and one is the, 10.10.1.1 is the default gateway, which is this actually. So here you can see this is the local area network we are using, and 10.10.1.1 is the default gateway, and it is the firewall, pfSense firewall, open source firewall, and we will be assigning an IP address for the OSSIM in this local area network only. So now, because we have our AlienVault also running in that local area network, internal network name in0, and here we have to type the IP address. So I will type, within any IP, it should be a static IP address, or else I can give 10.0.1.1 24 if I don't know the IP address, or for this machine I will assign 10.0.0, one dot, I will just assign one dot, so I'll just assign the two 53. Now click on Continue and then go with the default; subnet mask is correct, 255.255.255.0, and default gateway is also correct. This is the default gateway, guys, the router IP address of pfSense firewall, 10.0.1.1. Now we will click on OK, and it is asking for name server, so we'll give name server, the Google name server, 8.8.8, and then continue.

Now we have to give the password, I mean the root password, so whatever you feel like. So whenever we type command, like, you know, we need to give that password for access. So I'll type my password here and then I will continue, and I will just go with the default and continue. So now the AlienVault will do the configuration. Once everything is done completely, the AlienVault will restart and it will give us the IP address, the web interface IP address, that we can actually use: open a browser and type that web interface IP address of AlienVault OSSIM, and then we can log in using, so that will be actually, also in order to access that AlienVault web interface, we should run a machine in the LAN, in the same LAN actually, local area network, that is internal network name in0, and I have already started Parrot Security for that purpose. So after the system starts, I will actually open a browser and then access the AlienVault web interface from Parrot Security, because I'm using this internal network. So this process will take some time; you should have patience. Almost done.

So during the installation, one thing, it will actually wait for some time to download the feed, actually GVM feed. You should have a lot of patience because it is time consuming, I mean it will take long time, and then it will be eventually done. Okay, after that the system will reboot and you can see a similar screen, login. CPUs, otherwise the system will be slower, as you can see in my case; at least two CPU should be given, or more, otherwise, that is why actually we are having this slowness in our system, I mean in my system. So I'm giving only one CPU, but they have suggested minimum two, or if more than that it will be faster. So even if I'm applying changes or trying to log in, it is taking some time actually. So now you can see I logged in finally. So when you log in for the
first time you will be seeing a wizard, or else you can skip the wizard, and then you'll be presented with this kind of screen where you can actually check the report, do configuration, intelligence; you can create support tickets for the concerned team to handle certain security incidents; then you can do a vulnerability scan, so for that you have to add those endpoints actually. Again, we can use Open Threat Exchange, OTX, integrate with that. So OTX, I will just show you quickly. So this is the OTX by AlienVault, again Open Threat Exchange. Here we have to sign up for an account and then we can actually connect it in our AlienVault. We have to sign up for a free account, and then here we have the threat intelligence. It's a community where, free, without paying anything, we will be able to get all the latest incident on various organizations happening, so that we can get the feeds here automatically. This is how it looks.

To do configuration, deployment, administrator trading Legions nettings in. In order to deploy we can click on Deployment, that we will be coming actually, the internal system or how we can do the steps or do the same, I mean incident handling and response using AlienVault, we will be doing it in the upcoming videos. So this video was still like the installation part. We successfully installed it, and due to my low CPU it's taking time anyway, but we were able to successfully install this. So thanks for watching guys, thank you.
Info
Channel: Cyber Security & Ethical Hacking Skills
Views: 2,517
Keywords: AlienVaultOSSIM, CyberSecurity, SIEM, HomeLab, InstallationGuide, CybersecuritySkills, OpenSource, NetworkMonitoring, ThreatDetection, LogAnalysis, SecurityReports, Hardening
Id: ty8xlUrNFXA
Length: 19min 19sec (1159 seconds)
Published: Wed Jul 05 2023