Security Onion Blog

Monday, December 1, 2014

Snort 2.9.7 and Daq 2.0.4 now available!

Snort 2.9.7 and Daq 2.0.4 were recently released:
http://blog.snort.org/2014/10/snort-297-has-been-released.html

I've updated our packages:
securityonion-daq - 2.0.4-0ubuntu0securityonion2
securityonion-pfring-daq - 20121107-0ubuntu0securityonion9
securityonion-snort - 2.9.7.0-0ubuntu0securityonion4

These new packages should resolve the following issues:

Issue 636: Snort 2.9.7.0
https://code.google.com/p/security-onion/issues/detail?id=636

Issue 637: Snort DAQ 2.0.4
https://code.google.com/p/security-onion/issues/detail?id=637

Issue 648: Rebuild securityonion-pfring-daq for new DAQ
https://code.google.com/p/security-onion/issues/detail?id=648

The new packages have been tested by the following (thanks!):
Eddy Simons
Ronny Vaningh
David Zawdie

Updating
The new packages are now available in our stable repo.  Please see the following page for full update instructions:
https://code.google.com/p/security-onion/wiki/Upgrade

These updates will back up each of your existing snort.conf files to snort.conf.bak.  You'll then need to do the following:

  • re-apply any local customizations to your snort.conf files
  • update ruleset and restart Snort/Suricata as follows:
sudo rule-update
If you get an error like the following:
ERROR: The dynamic detection library "/usr/local/lib/snort_dynamicrules/chat.so" version 1.0 compiled with dynamic engine library version 2.1 isn't compatible with the current dynamic engine library "/usr/lib/snort_dynamicengine/libsf_engine.so" version 2.4.
then please see:
https://code.google.com/p/security-onion/wiki/FAQ#I_just_updated_Snort_and_it's_now_saying_'ERROR:_The_d

Screenshots
"sudo soup" will ask you to check/update your snort.conf file(s)

"sudo rule-update" will download the updated ruleset and restart Snort

Feedback
If you have any questions or problems, please use our security-onion mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists

Training
Need training?  Please see:
https://security-onion-class-20141215.eventbrite.com/

Commercial Support
Need commercial support?  Please see:
http://securityonionsolutions.com

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers

We especially need help testing new packages:
http://groups.google.com/group/security-onion-testing

Thanks!

at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Search This Blog

Featured Post

Registration Now Open for Augusta Cyber Week 2024!

Registration is now open for Augusta Cyber Week in beautiful Augusta GA from September 30, 2024 through October 5, 2024! This includes: 4-da...

Popular Posts

Blog Archive