Security Onion Blog

Monday, September 19, 2011

Security Onion 20110919 now available!

Security Onion 20110919 is now available!  This update does the following:

    • Updates the NSMnow admin scripts to support argus.
    • Starts argus on all monitored interfaces.

    Each argus instance will log to the following location:
    /nsm/sensor_data/NAME-OF-SENSOR/argus/YYYY-MM-DD.log

    In-place Upgrade
    Existing Security Onion users can perform an in-place upgrade using the following command (if you're behind a proxy, remember to set your proxy variables as described in the FAQ):
    sudo -i "curl -L http://sourceforge.net/projects/security-onion/files/security-onion-upgrade.sh > ~/security-onion-upgrade.sh && bash ~/security-onion-upgrade.sh"


    Screenshots
    Upgrade script installs new NSM scripts and starts argus on all monitored interfaces (eth0, eth1, and eth2 in this case)

    Running argus processes
    Argus processes log to /nsm/sensor_data/NAME-OF-SENSOR/argus/YYYY-MM-DD.log


    Running one of the argus clients (ranonymize, to anonymize my IP addresses) on the argus logs

    at
    Labels: ,

    No comments:

    Post a Comment

    Subscribe to: Post Comments (Atom)

    Search This Blog

    Featured Post

    Spooky malware analysis!

    It's October 31, so let's analyze some spooky malware! Thanks to Brad Duncan for sharing this pcap from 2025-10-08 on his malware tr...

    Popular Posts

    Blog Archive