Security Onion 20111116 is now available! This resolves the following issue:
Issue 150 - Ensure that OSSEC timezone matches the host's timezone
New Users
New users can download and install the new 20111103 ISO image using the instructions here and then follow the In-Place Upgrade instructions below.
In-place Upgrade
Existing Security Onion users can perform an in-place upgrade using the following command (if you're behind a proxy, remember to set your proxy variables as described in the FAQ):
sudo -i "curl -L http://sourceforge.net/projects/security-onion/files/security-onion-upgrade.sh > ~/security-onion-upgrade.sh && bash ~/security-onion-upgrade.sh"
Note that the upgrade script is cumulative and will upgrade any older version of Security Onion to the most recent version (including any updates in between).
Screenshots
[Screenshot: Upgrade Process]
Hi Doug,
I had a question - it's related to Sguil as opposed to Security Onion but maybe you can point me in the right direction?
I am following the directions at http://taosecurity.blogspot.com/2006/03/new-sguil-vm-available-for-testing.html.
the following prompt in Xterm:
Taosecurity:/home/analyst$
I enter
su - root.
It asks for a password so I reply with
r00t.
The system prompts me with
Taosecurity:/root# so I respond with
sancp_start.sh
and it responds with
sancp_start.sh: Command not found and puts me back at the root command. I have tried the rest of the commands
snort_start.sh and
/usr/local/bin/log_packets.sh restart and in both cases it again tells me the command is not recognised.
I posted to a Sourceforge forum but since that forum hadn't been answered in 6 years, someone suggested that I try your SecurityOnion site.
Can you tell me what I'm doing wrong, please, or direct me towards a good forum?
Many thanks
Justin Forde.
Hi justin81,
That Sguil VM is from 2006. Security Onion has all the latest and greatest software. Please use it instead.
Thanks,
Doug