Security Onion Blog

Monday, September 19, 2011

Security Onion 20110919 now available!

Security Onion 20110919 is now available!  This update does the following:

    • Updates the NSMnow admin scripts to support argus.
    • Starts argus on all monitored interfaces.

    Each argus instance will log to the following location:
    /nsm/sensor_data/NAME-OF-SENSOR/argus/YYYY-MM-DD.log

    In-place Upgrade
    Existing Security Onion users can perform an in-place upgrade using the following command (if you're behind a proxy, remember to set your proxy variables as described in the FAQ):
    sudo -i "curl -L http://sourceforge.net/projects/security-onion/files/security-onion-upgrade.sh > ~/security-onion-upgrade.sh && bash ~/security-onion-upgrade.sh"


    Screenshots
    Upgrade script installs new NSM scripts and starts argus on all monitored interfaces (eth0, eth1, and eth2 in this case)

    Running argus processes
    Argus processes log to /nsm/sensor_data/NAME-OF-SENSOR/argus/YYYY-MM-DD.log


    Running one of the argus clients (ranonymize, to anonymize my IP addresses) on the argus logs

    at
    Labels: ,

    No comments:

    Post a Comment

    Subscribe to: Post Comments (Atom)

    Search This Blog

    Featured Post

    Did You Know Security Onion Scales to the Enterprise?

    Did you know Security Onion scales to the enterprise? Security Onion is designed to scale from simple standalone deployments all the way up ...

    Popular Posts

    Blog Archive