Cyber Security: Security Onion setelah Instalasi
After Installation SSH Key Change Depending on what kind of installation you did, you may have seen a warning at the end of Setup about SSH key changes.
_images/so-ssh-harden.png For more information, see the SSH section.
Adjust firewall rules using so-allow Depending on what kind of installation you did, the Setup wizard may have already walked you through adding firewall rules to allow your analyst IP address(es). If you need to allow other IP addresses, you can manually run so-allow.
Services Verify services are running with the so-status command: sudo so-status Data Retention Review the Curator and Elasticsearch sections to see if you need to change any of the default index retention settings. Other Full-time analysts may want to connect using a dedicated Analyst VM. Any IDS/NSM system needs to be tuned for the network it’s monitoring. Please see the Tuning section. Configure the OS to use your preferred NTP server.