Security Onion Blog

Saturday, January 11, 2014

New securityonion-web-page package adds SSH country and status links

I've updated our recently released securityonion-web-page package to add links that will group SSH connections by country and status.  The updated package version is securityonion-web-page - 20120722-0ubuntu0securityonion14.

Issues Resolved

Issue 469: securityonion-web-page: add SSH queries for country and status
https://code.google.com/p/security-onion/issues/detail?id=469

Screenshots
SSH: Top Countries - SSH connections grouped by country code

SSH: Status - Bro heuristically determines if an SSH login attempt succeeded

Updating
The new package is now available in our stable repo.  Please see the following page for full update instructions:
https://code.google.com/p/security-onion/wiki/Upgrade

Feedback
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers

We especially need help in answering support questions on the mailing list and IRC channel.  Thanks!

at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Search This Blog

Featured Post

New Security Onion Online Training Class - Detection Engineering with Security Onion!

We've just added an exciting new course to our online Security Onion 2.4 training catalog! It's called "Detection Engineering w...

Popular Posts

Blog Archive