Security Onion 20120427 is now available! This resolves the following issues:
Issue 245: Snort 220.127.116.11
Issue 259: Update Security Onion logo
Please note that if you are using the VRT ruleset and are a free "Registered User" (instead of a paid "Subscriber"), then you may need to wait until the 30-day wait period has elapsed to get the new 18.104.22.168 rules.
New users can download and install the 20120125 ISO image using the instructions here. The step marked "Install Security Onion updates" will automatically install this update.
Existing Security Onion users can perform an in-place upgrade using the following command (if you're behind a proxy, remember to set your proxy variables as described in the Proxy page of our FAQ):
sudo -i "curl -L http://sourceforge.net/projects/security-onion/files/security-onion-upgrade.sh > ~/security-onion-upgrade.sh && bash ~/security-onion-upgrade.sh"Please note that the new snort.conf will overwrite your existing snort.conf. Your existing snort.conf will be backed up to /nsm/backup/20120427/NAME_OF_SENSOR/. Please copy any customizations (HOME_NET, etc.) from the backup copy to the production copy /etc/nsm/NAME_OF_SENSOR/snort.conf.
|Upgrade Process (cont.)|
If you have any questions, please join our mailing list and ask away!
Thanks to Sourcefire for Snort 22.214.171.124!
Thanks to Jack Blanchard for the updated Security Onion logo!
Thanks to the following for their help in testing this release!
Tom De Vries
Security Onion needs you! Please see the new Team Members page on the wiki!
Want to learn more about Intrusion Detection?
Doug Burks will be teaching SANS 503 Intrusion Detection In-Depth in Augusta, GA in June! For more information, please see: