Security Onion 20120116 is now available! This resolves the following issue:
For more information about Snort 2.9.2, please see:
Please note that if you are using the Registered (30-day delay) VRT ruleset you may need to wait until the rules are released for Snort 2.9.2.
Please also note that the new snort.conf will overwrite your existing snort.conf. Your existing snort.conf will be backed up to /nsm/backup/20120116/NAME_OF_SENSOR/. Please copy any customizations (HOME_NET, etc.) from the backup copy to the production copy /etc/nsm/NAME_OF_SENSOR/snort.conf.
New users can download and install the 20111103 ISO image using the instructions here. The step marked "Install Security Onion updates" will automatically install this update.
Existing Security Onion users can perform an in-place upgrade using the following command (if you're behind a proxy, remember to set your proxy variables as described in the FAQ):
sudo -i "curl -L http://sourceforge.net/projects/security-onion/files/security-onion-upgrade.sh > ~/security-onion-upgrade.sh && bash ~/security-onion-upgrade.sh"
|Upgrade script installs Snort 2.9.2 and launches PulledPork|
|Once PulledPork completes, barnyard2 and Snort are restarted|
Thanks to the Snort team for their hard work on Snort 2.9.2!
Thanks to Scott Runnels for his assistance in testing this release!
If you're a fan of Security Onion, please vote for it for 2011 Toolsmith Tool of the Year!