I've updated the securityonion-bro-scripts package to include these changes.
New package version:
securityonion-bro-scripts - 20121004-0ubuntu0securityonion37
Issue 616: securityonion-bro-scripts: ShellShock Qmail SMTP "MAIL FROM" attack vector
The new package is now available in our stable repo. Please see the following page for full update instructions:
To apply the new Bro ShellShock detection, you'll need to restart Bro as follows:
sudo nsm_sensor_ps-restart --only-bro
|Restarting Bro to load new ShellShock detection|
If you have any questions or problems, please use our security-onion mailing list:
Only 16 seats left for the 3-day Security Onion class in Richmond VA!
Need commercial support? Please see:
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
We especially need help in answering support questions on the mailing list:
We also need help testing new packages: