Monday, September 19, 2011

Security Onion 20110919 now available!

Security Onion 20110919 is now available!  This update does the following:

    • Updates the NSMnow admin scripts to support argus.
    • Starts argus on all monitored interfaces.

    Each argus instance will log to the following location:

    In-place Upgrade
    Existing Security Onion users can perform an in-place upgrade using the following command (if you're behind a proxy, remember to set your proxy variables as described in the FAQ):
    sudo -i "curl -L > ~/ && bash ~/"

    Upgrade script installs new NSM scripts and starts argus on all monitored interfaces (eth0, eth1, and eth2 in this case)

    Running argus processes
    Argus processes log to /nsm/sensor_data/NAME-OF-SENSOR/argus/YYYY-MM-DD.log

    Running one of the argus clients (ranonymize, to anonymize my IP addresses) on the argus logs

    No comments:

    Search This Blog

    Featured Post

    Security Onion 2.4 Feature o' the Day - Configure Packet Capture

    Security Onion 2.4 includes lots of new features! SOC's new Configuration interface allows you to configure packet capture: You can read...

    Popular Posts

    Blog Archive