Thursday, August 12, 2010

Suggestions for next version of Security Onion LiveCD

I'm currently working on building the next version of the Security Onion LiveCD. It will be based on a fully-updated Xubuntu 10.04 and will have all the tools that were in previous versions with one exception: Snort 3.0 (SnortSP) currently does not compile on Ubuntu 10.04. However, the new Suricata IDS/IPS engine does compile so it will be taking the place of SnortSP. You'll be able to choose between the current production version of Snort (2.8.6.1) or Suricata. Regardless of which IDS engine you choose, your alerts will be available for analysis in Sguil.

We've been nearing the limit of a 700MB CD image for some time, so we will be switching to a DVD image to allow for more software. What suggestions do you have for the new version of the Security Onion LiveCD? Please leave a comment here or add your suggestion at the Security Onion Issue Tracker. Thanks!


Search This Blog

Featured Post

Quick Malware Analysis: WORD MACRO --> SSLOAD --> COBALT STRIKE pcap from 2024-04-18

Thanks to Brad Duncan for sharing this pcap from 2024-04-18 on his malware traffic analysis site! Due to issues with Google flagging a warni...

Popular Posts

Blog Archive