Snort 2.9.5.6
http://blog.snort.org/2013/11/snort-2956-is-now-available-on-snortorg.html
Suricata 1.4.7
http://www.openinfosecfoundation.org/index.php/component/content/article/1-latest-news/184--suricata-147-released
I've packaged these new releases and the new packages have been tested by JP Bourget and David Zawdie. Thanks, guys!
Upgrading
The new packages are now available in our stable repo. Please see our Upgrade page for full upgrade instructions:
https://code.google.com/p/security-onion/wiki/Upgrade
These updates will do the following:
- back up each of your existing snort.conf files to snort.conf.bak
- update Snort
- back up each of your existing suricata.yaml files to suricata.yaml.bak
- update Suricata
You'll then need to do the following:
- apply your local customizations to the new snort.conf or suricata.yaml files
- update ruleset and restart Snort/Suricata as follows:
sudo rule-update
Release Notes
Snort is now compiled with --enable-sourcefire.
Screenshots
"sudo soup" upgrade process |
Snort 2.9.5.6 and Suricata 1.4.7 |
Updating ruleset and restarting Snort/Suricata using "sudo rule-update" |
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists
Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers
We especially need help in answering support questions on the mailing list and IRC channel. Thanks!
For future reference, when is the "sudo rule-update" required, only for specific SO updates, or when Snort is updated to newer version? Thanks!
ReplyDeleteHi William,
ReplyDelete"sudo rule-update" is required when updating Snort to ensure that you get the updated rules specific to your new version of Snort.
If you have further questions, please use our mailing list.