Friday, August 1, 2014

PF_RING, Snort, and Suricata packages have reached Release Candidate status!

Our new PF_RING/Snort/Suricata packages have reached Release Candidate status!  Since these packages are critical components, I'd like to do one final phase of testing before promoting to stable.  If at all possible, please try installing on some of your production sensors so that we can get some real world testing before promoting to stable.

Join the discussion here:
https://groups.google.com/d/topic/security-onion-testing/mKVn-GAPaIg/discussion

2 comments:

Anonymous said...

Will the Suricata package support the XFF field?

thanks!

Doug Burks said...

Hi Anonymous,

I believe XFF support was added in Suricata 2.0. Please see:

http://suricata-ids.org/2014/03/25/suricata-2-0-available/

Search This Blog

Featured Post

Did you know that you can configure Security Onion to only record PCAP for Suricata NIDS alerts?

Folks sometimes ask how to only record PCAP for Suricata NIDS alerts so that they can save disk space. Our preference is to NOT limit PCAP t...

Popular Posts

Blog Archive