Security Onion: New NSM/setup/sostat packages

Security Onion Blog

Tuesday, January 27, 2015

New NSM/setup/sostat packages

I've updated the NSM, setup, and sostat packages and the new package versions are as follows:
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion110
securityonion-setup - 20120912-0ubuntu0securityonion130
securityonion-sostat - 20120722-0ubuntu0securityonion32

These new packages have been tested by the following (thanks!):
David Zawdie
Mike Pilkington

Issues Resolved

Issue 663: sosetup: sosetup.conf SGUIL_CLIENT_PASSWORD_1 should say Sguil/Squert/ELSA/Snorby
https://code.google.com/p/security-onion/issues/detail?id=663

Issue 664: sosetup: run Bro as non-root user
https://code.google.com/p/security-onion/issues/detail?id=664

Issue 666: sostat: run Bro as non-root user
https://code.google.com/p/security-onion/issues/detail?id=666

Issue 665: NSM: run Bro as non-root user
https://code.google.com/p/security-onion/issues/detail?id=665

Issue 676: NSM: run Sguil as non-root user
https://code.google.com/p/security-onion/issues/detail?id=676

Issue 671: NSM: /etc/cron.d/sensor-clean needs 2>&1
https://code.google.com/p/security-onion/issues/detail?id=671

Release Notes
If you normally restart Bro with "sudo broctl restart", this will restart Bro as root. To restart Bro as a non-root user, please use "sudo nsm_sensor_ps-restart --only-bro" instead.

Screenshots

Update Process

After updating, stop all processes with "sudo service nsm stop" and then...

...restart all processes with "sudo service nsm start" so that they will now be running as a non-root user

Updating
The new packages are now available in our stable repo. Please see the following page for full update instructions:
https://code.google.com/p/security-onion/wiki/Upgrade

Feedback
If you have any questions or problems, please use our security-onion mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists

Commercial Support
Need training and/or commercial support? Please see:
http://securityonionsolutions.com

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers

Thanks!

No comments:

Subscribe to: Post Comments (Atom)