Wednesday, November 16, 2011

Security Onion 20111116 now available!


Security Onion 20111116 is now available!  This resolves the following issue:
Issue 150 - Ensure that OSSEC timezone matches the host's timezone

New Users
New users can download and install the new 20111103 ISO image using the instructions here and then follow the In-Place Upgrade instructions below.

In-place Upgrade
Existing Security Onion users can perform an in-place upgrade using the following command (if you're behind a proxy, remember to set your proxy variables as described in the FAQ):
sudo -i "curl -L http://sourceforge.net/projects/security-onion/files/security-onion-upgrade.sh > ~/security-onion-upgrade.sh && bash ~/security-onion-upgrade.sh"
Note that the upgrade script is cumulative and will upgrade any older version of Security Onion to the most recent version (including any updates in between).

Screenshots
[Screenshot: Upgrade Process]

2 comments:

  1. Hi Doug,
    I had a question - it's related to Sguil as opposed to SecurityOnion but maybe you can point me in the right direction?
    I am following the directions at http://taosecurity.blogspot.com/2006/03/new-sguil-vm-available-for-testing.html.
    the following prompt in Xterm:
    Taosecurity:/home/analyst$
    I enter
    su - root.
    It asks for a password so I reply with
    r00t.
    The system prompts me with
    Taosecurity:/root# so I respond with
    sancp_start.sh
    and it responds with
    sancp_start.sh: Command not found and puts me back at the root command. I have tried the rest of the commands
    snort_start.sh and
    /usr/local/bin/log_packets.sh restart and in both cases it again tells me the command is not recognised.
    I posted to a Sourceforge forum but since that forum hadn't been answered in 6 years, someone suggested that I try your SecurityOnion site.
    Can you tell me what I'm doing wrong, please, or direct me towards a good forum?


    Many thanks
    Justin Forde.

  2. Hi justin81,

    That Sguil VM is from 2006. Security Onion has all the latest and greatest software. Please use it instead.

    Thanks,
    Doug
