Friday, February 28, 2014

Security Onion 12.04.4 ISO image now available

We have a new Security Onion 12.04.4 ISO image now available that contains all the latest Ubuntu and Security Onion updates as of February 21, 2014!

Changes since 12.04.3 ISO

The new 12.04.4 ISO image has all Ubuntu and Security Onion updates as of 2/21 including:

  • Linux kernel 3.2.0-59
  • Snort
  • Suricata 1.4.7
  • Bro 2.2
  • ELSA 1.5
  • Squert 1.2.0
  • CapMe
  • securityonion-web-page (ELSA query page at https://onion/elsa)
  • Setup
  • sostat
  • NSM scripts
  • ET ruleset (/etc/nsm/rules/downloaded.rules)

Changes in the ISO Image Itself

The new 12.04.4 ISO image resolves a few issues in the ISO image itself:

  • boot menu: the Install option never really worked right and has now been removed so that folks will choose one of the Live options that allow them to Install but also allow them to check hardware and read the README
  • boot menu: added "nomodeset" option since some folks needed that to boot on certain video chipsets
  • after choosing an option on the boot menu, the Xubuntu boot progress indicator has been replaced with a Security Onion boot progress indicator
  • unnecessary shortcuts have been removed from the Live desktop so that users don't try to run Setup before running the Installer
  • previously, if you ran "sudo service nsm status" before running Setup, you'd get an error message.  This has been resolved.
  • salt-master and salt-minion were previously enabled on ISO boot, which resulted in lots of DNS lookups for "salt".  They are now disabled by default (you can still enable them during Setup of course).
  • byobu is now included by default:

In short, it's the best release ever!

Boot menu (Install option has been removed and replaced with "nomodeset" option)

Security Onion boot progress indicator

Removed extraneous icons from Live desktop 

Byobu is now installed by default

New Users
I've updated the Installation guide to reflect the download locations for the new 12.04.4 ISO image:

As always, please remember to verify the checksum of the downloaded ISO image using the instructions in the Installation guide.  Here's the MD5 for this release:

Existing Deployments
If you have existing installations based on our original 12.04 ISO image, there is no need to download the new 12.04.4 ISO image.  You can simply continue using our standard update process to install updated packages as they are made available:

If you have any questions or problems, please use our mailing list:


Thanks to George Jones for creating the torrent for the new ISO image!

Thanks to the following for testing the new ISO image!
Matt Gregory
David Zawdie
Heine Lysemose
JP Bourget

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:

We especially need help in answering support questions on the mailing list:

We also need help testing new packages:

There will be a 2-day Security Onion class in Houston on May 8-9.  Stay tuned for further details!

No comments:

Search This Blog

Featured Post

New Security Onion Online Training Class - Detection Engineering with Security Onion!

We've just added an exciting new course to our online Security Onion 2.4 training catalog! It's called "Detection Engineering w...

Popular Posts

Blog Archive