Changes since 12.04.3 ISO
The new 12.04.4 ISO image has all Ubuntu and Security Onion updates as of 2/21 including:
- Linux kernel 3.2.0-59
- Snort 2.9.5.6
- Suricata 1.4.7
- Bro 2.2
- ELSA 1.5
- Squert 1.2.0
- CapMe
- securityonion-web-page (ELSA query page at https://onion/elsa)
- Setup
- sostat
- NSM scripts
- ET ruleset (/etc/nsm/rules/downloaded.rules)
Changes in the ISO Image Itself
The new 12.04.4 ISO image resolves a few issues in the ISO image itself:
- boot menu: the Install option never really worked right and has now been removed so that folks will choose one of the Live options that allow them to Install but also allow them to check hardware and read the README
- boot menu: added "nomodeset" option since some folks needed that to boot on certain video chipsets
- after choosing an option on the boot menu, the Xubuntu boot progress indicator has been replaced with a Security Onion boot progress indicator
- unnecessary shortcuts have been removed from the Live desktop so that users don't try to run Setup before running the Installer
- previously, if you ran "sudo service nsm status" before running Setup, you'd get an error message. This has been resolved.
- salt-master and salt-minion were previously enabled on ISO boot, which resulted in lots of DNS lookups for "salt". They are now disabled by default (you can still enable them during Setup of course).
- byobu is now included by default:
https://help.ubuntu.com/community/Byobu
In short, it's the best release ever!
Screenshots
Boot menu (Install option has been removed and replaced with "nomodeset" option) |
Security Onion boot progress indicator |
Removed extraneous icons from Live desktop |
Byobu is now installed by default |
New Users
I've updated the Installation guide to reflect the download locations for the new 12.04.4 ISO image:
https://code.google.com/p/security-onion/wiki/Installation
As always, please remember to verify the checksum of the downloaded ISO image using the instructions in the Installation guide. Here's the MD5 for this release:
4107d6b6c469b27014da7ce26f249e5e
Existing Deployments
If you have existing installations based on our original 12.04 ISO image, there is no need to download the new 12.04.4 ISO image. You can simply continue using our standard update process to install updated packages as they are made available:
https://code.google.com/p/security-onion/wiki/Upgrade
Feedback
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists
Thanks
Thanks to George Jones for creating the torrent for the new ISO image!
Thanks to the following for testing the new ISO image!
Matt Gregory
David Zawdie
Heine Lysemose
JP Bourget
Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers
We especially need help in answering support questions on the mailing list:
http://groups.google.com/group/security-onion
We also need help testing new packages:
http://groups.google.com/group/security-onion-testing
There will be a 2-day Security Onion class in Houston on May 8-9. Stay tuned for further details!