Tuesday, March 13, 2012

Security Onion and Ubuntu's MySQL 5.1 update

Ubuntu just released new MySQL packages.  A few things to be aware of for Security Onion users:

  • The update will stop MySQL in order to perform the update.  If sguild is running at the time, it will terminate as soon as MySQL stops.  Once you've successfully completed the update and MySQL is back up and running, you should run the following on your Security Onion server to start sguild:
sudo nsm_server_ps-start
  • When updating a Security Onion SENSOR (that sends its alerts to a separate Security Onion server), the update will try to start MySQL, but it will hang since port 3306 is already in use (being forwarded to the server over SSH).  You can simply kill the startup since MySQL is currently not used on Security Onion sensors.  On subsequent reboots, MySQL will startup, but when /etc/init/securityonion.conf executes, it will stop MySQL and bring up the SSH tunnel with port 3306 forwarded to the server.
If you have any questions or problems, please send a detailed email to our mailing list.  Thanks!

No comments:

Search This Blog

Featured Post

Sneak Peek: New Detections Feature coming in Security Onion 2.4.70!

Our latest video is a sneak peek at a NEW feature coming to our FREE and OPEN Security Onion platform in the upcoming 2.4.70 release! This n...

Popular Posts

Blog Archive