Security Onion 20111025 is now available! This resolves Issue 84 by updating Snort to version 184.108.40.206 and its DAQ to version 0.6.2. For more information about Snort 220.127.116.11, please see:http://blog.snort.org/2011/10/snort-2912-has-been-posted.html
Please note that if you are using the Registered (30-day delay) VRT ruleset you will need to wait until the rules are released for Snort 18.104.22.168. For more information, please see:http://blog.snort.org/2011/10/vrt-rule-release-for-10202011-snort.html
Please also note that the new snort.conf will overwrite your existing snort.conf. Your existing snort.conf will be backed up to /nsm/backup/20111025/NAME_OF_SENSOR/. Please copy any customizations (HOME_NET, etc.) from the backup copy to the production copy /etc/nsm/NAME_OF_SENSOR/snort.conf.
Existing Security Onion users can perform an in-place upgrade using the following command (if you're behind a proxy, remember to set your proxy variables as described in the FAQ):
sudo -i "curl -L http://sourceforge.net/projects/security-onion/files/security-onion-upgrade.sh > ~/security-onion-upgrade.sh && bash ~/security-onion-upgrade.sh"
|Installing new packages|
|Backing up config files and copying new files into place|
|Running PulledPork to download new ruleset|
|Stopping the old Snort and starting the new Snort|