How to set up network security monitoring with Security Onion and a pfSense firewall (part 1)
Building a SIEM at Home
- Basic networking knowledge (basic understanding of subnets and network segmentation)
- Ability to Google vendor instructions and YouTube videos (See How to Engineer like a Rockstar)
- A network capable of having more than one subnet and the ability to copy all network traffic to an Ethernet port
The best way to get good at anything is to practice it. Practice it a lot. One of the best ways to start learning to analyze network traffic for anomalies and malicious activity is to begin looking at your home network traffic as often as you can in a meaningful way. The more you understand what ‘normal’ looks like, the better off you will be. Simply running Wireshark on a laptop in your home won’t be enough to really begin building the foundations discussed here.
The Security Onion Linux distribution is an amazing piece of free kit.