Changes since 12.04.3 ISO
The new 12.04.4 ISO image has all Ubuntu and Security Onion updates as of 2/21 including:
- Linux kernel 3.2.0-59
- Snort 184.108.40.206
- Suricata 1.4.7
- Bro 2.2
- ELSA 1.5
- Squert 1.2.0
- securityonion-web-page (ELSA query page at https://onion/elsa)
- NSM scripts
- ET ruleset (/etc/nsm/rules/downloaded.rules)
Changes in the ISO Image Itself
The new 12.04.4 ISO image resolves a few issues in the ISO image itself:
- boot menu: the Install option never really worked right and has now been removed so that folks will choose one of the Live options that allow them to Install but also allow them to check hardware and read the README
- boot menu: added "nomodeset" option since some folks needed that to boot on certain video chipsets
- after choosing an option on the boot menu, the Xubuntu boot progress indicator has been replaced with a Security Onion boot progress indicator
- unnecessary shortcuts have been removed from the Live desktop so that users don't try to run Setup before running the Installer
- previously, if you ran "sudo service nsm status" before running Setup, you'd get an error message. This has been resolved.
- salt-master and salt-minion were previously enabled on ISO boot, which resulted in lots of DNS lookups for "salt". They are now disabled by default (you can still enable them during Setup of course).
- byobu is now included by default:
In short, it's the best release ever!
|Boot menu (Install option has been removed and replaced with "nomodeset" option)|
|Security Onion boot progress indicator|
|Removed extraneous icons from Live desktop|
|Byobu is now installed by default|
I've updated the Installation guide to reflect the download locations for the new 12.04.4 ISO image:
As always, please remember to verify the checksum of the downloaded ISO image using the instructions in the Installation guide. Here's the MD5 for this release:
If you have existing installations based on our original 12.04 ISO image, there is no need to download the new 12.04.4 ISO image. You can simply continue using our standard update process to install updated packages as they are made available:
If you have any questions or problems, please use our mailing list:
Thanks to George Jones for creating the torrent for the new ISO image!
Thanks to the following for testing the new ISO image!
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
We especially need help in answering support questions on the mailing list:
We also need help testing new packages:
There will be a 2-day Security Onion class in Houston on May 8-9. Stay tuned for further details!