A powerful, easily deployable network traffic analysis tool suite for network security monitoring
Official downloads of the Hedgehog Linux installer ISO can be downloaded from the GitHub releases page. It can also be built easily on an Internet-connected system with Vagrant:
vagrant-sshfs
pluginbento/debian-12
Vagrant boxThe build should work with a variety of Vagrant providers:
vagrant-vmware-desktop
pluginvagrant-libvirt
provider pluginvagrant-mutate
plugin to convert bento/debian-12
Vagrant box to libvirt
formatvagrant-vbguest
pluginTo perform a clean build the Hedgehog Linux installer ISO, navigate to your local Malcolm working copy and run:
$ ./hedgehog-iso/build_via_vagrant.sh -f
…
Starting build machine...
Bringing machine 'default' up with 'virtualbox' provider...
…
Building the ISO may take 90 minutes or more depending on your system. As the build finishes, you will see the following message indicating success:
…
Finished, created "/sensor-build/hedgehog-24.11.0.iso"
…
Alternately, if you have forked Malcolm on GitHub, workflow files are provided which contain instructions for GitHub to build the images and Hedgehog and Malcolm installer ISOs, specifically hedgehog-iso-build-docker-wrap-push-ghcr.yml
for the Hedgehog ISO. The resulting ISO file is wrapped in a image that provides an HTTP server from which the ISO may be downloaded. See Using GitHub runners to build Malcolm images for more information.