Tuesday, January 6, 2015

New NSM and Setup packages resolve several issues

I've updated the NSM and Setup packages to resolve several issues.  The new packages are as follows:

securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion99
securityonion-setup - 20120912-0ubuntu0securityonion127

These new packages should resolve the following issues:

Issue 658: NSM: fix umask on Snort unified2 output
https://code.google.com/p/security-onion/issues/detail?id=658

Issue 548: NSM: run barnyard2 as non-root user
https://code.google.com/p/security-onion/issues/detail?id=548

Issue 649: nsm_all_del_quick: check for /etc/nsm/servertab and /etc/nsm/sensortab before trying to read
https://code.google.com/p/security-onion/issues/detail?id=649

Issue 598: so-snorby-wipe
https://code.google.com/p/security-onion/issues/detail?id=598

Issue 610: NSM: ossec_agent alert level should be configurable
https://code.google.com/p/security-onion/issues/detail?id=610

Issue 660: Setup: add OSSEC_AGENT_LEVEL to /etc/nsm/securityonion.conf
https://code.google.com/p/security-onion/issues/detail?id=660


These new packages have been tested by David Zawdie (thanks!).

Screenshots
Run "sudo nsm_sensor_ps-restart" to restart ossec_agent, snort, and barnyard2

/etc/nsm/securityonion.conf now contains OSSEC_AGENT_LEVEL

Snort unified2 output now has proper permissions

Barnyard2 is now running as a non-root user
 
If you need to wipe the alerts in the Snorby database, you can now use so-snorby-wipe

Updating
The new packages are now available in our stable repo.  Please see the following page for full update instructions:
https://code.google.com/p/security-onion/wiki/Upgrade

Feedback
If you have any questions or problems, please use our security-onion mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists

Commercial Support
Need training and/or commercial support?  Please see:
http://securityonionsolutions.com

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers

Thanks!

No comments:

Search This Blog

Featured Post

Security Onion 2.4.50 now available including some new features and lots of bug fixes!

Security Onion 2.4.50 is now available! It includes some new features for our fellow defenders and lots of bug fixes! https://docs.securityo...

Popular Posts

Blog Archive