Thursday, February 13, 2014

New securityonion-elsa-extras package properly randomizes apikey on master server

Scott Runnels has updated the securityonion-elsa-extras package to properly randomize the ELSA apikey on the master server.  Thanks, Scott!

The updated package version is securityonion-elsa-extras - 20131117-1ubuntu0securityonion36 and it has been tested by the following (thanks!):
Michal Purzynski
David Zawdie

Issues Resolved
Issue 478: securityonion-elsa-extras: randomize API key in master's elsa_web.conf

Release Notes
When the new package installs, it will check /etc/elsa_web.conf to see if you have an apikey set to the default of "1".  If so, it will automatically replace that default apikey with a properly randomized apikey.  You'll then need to restart Apache to make the change take effect:
sudo service apache2 restart

Please be reminded that the management interface of your master server (where the ELSA web interface runs) should be connected to a dedicated management network or locked down via firewall rules to only accept connections from analyst IP addresses:

BEFORE new package - apikey defaulted to 1

Installing new package, which will automatically check for default apikey and randomize if necessary

AFTER new package - apikey is now properly randomized 
Restarting Apache to make change in /etc/elsa_web.conf take effect

The new package is now available in our stable repo.  Please see the following page for full update instructions:

If you have any questions or problems, please use our security-onion mailing list:

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:

We especially need help in answering support questions on the mailing list:

We also need help testing new packages:


No comments:

Search This Blog

Featured Post

Registration Now Open for Augusta Cyber Week 2024!

Registration is now open for Augusta Cyber Week in beautiful Augusta GA from September 30, 2024 through October 5, 2024! This includes: 4-da...

Popular Posts

Blog Archive