Monday, October 27, 2014

New securityonion-web-page and securityonion-elsa-extras packages provide more SSL visibility

A vulnerability in SSLv3 was recently announced (nicknamed POODLE):

In response to this, we recently added some SSLv3 queries:

Today, we're adding some additional ELSA queries to allow you to see your SSL traffic grouped by version or by cipher.

SSL - Top SSL Versions

SSL - Top SSL Ciphers

Today's update will also reconfigure Security Onion's Apache instance to no longer accept connections using SSLv3.

The new package versions are as follows:

securityonion-elsa-extras - 20131117-1ubuntu0securityonion45
securityonion-web-page - 20141015-0ubuntu0securityonion2

Issues Resolved

Issue 629: securityonion-web-page: disable SSLv3 in Apache ssl.conf

Issue 627: securityonion-web-page: separate syslog-ng into program and host queries

Issue 631: securityonion-web-page: collapse query categories by default

Issue 634: securityonion-web-page: add queries for ssl_version and ssl_cipher

Issue 633: securityonion-elsa-extras: parse ssl_version and ssl_cipher out of Bro ssl.log

The new packages are now available in our stable repo.  Please see the following page for full update instructions:

Updating with "sudo soup"

Restarting Apache with "sudo service apache2 restart"

Verifying that Apache no longer accepts SSLv3 connections

Thanks to Lee Sharp for providing the new collapsible query categories!
Thanks to Eddy Simons and David Zawdie for testing!

If you have any questions or problems, please use our security-onion mailing list:

Commercial Support
Need commercial support?  Please see:

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:

We especially need help in answering support questions on the mailing list:

We also need help testing new packages:


No comments:

Search This Blog

Featured Post

Celebrating 10 Years of Security Onion Solutions and Announcing Security Onion Pro!

From Doug Burks, Founder and CEO of Security Onion Solutions:  There’s an old saying that it takes ten years to be an overnight success. Tha...

Popular Posts

Blog Archive