Tuesday, April 28, 2015

New securityonion-rule-update package

securityonion-rule-update - 20120726-0ubuntu0securityonion28 is now available and should resolve the following issue:

Issue 715: securityonion-rule-update: sensor-only boxes running salt shouldn't try to copy /etc/cron.d/rule-update
https://github.com/Security-Onion-Solutions/security-onion/issues/715

The new package has been tested by Ryan Peck (thanks!).

Updating
The new package is now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Feedback
If you have any questions or problems, please use our security-onion mailing list:
https://github.com/Security-Onion-Solutions/security-onion/wiki/MailingLists

Training
Need training?  Please see:
http://securityonionsolutions.com

Commercial Support
Need commercial support?  Please see:
http://securityonionsolutions.com

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://github.com/Security-Onion-Solutions/security-onion/wiki/TeamMembers

Thanks!

Thursday, April 23, 2015

Security Onion Training in May

Only 2 weeks left to register for the upcoming 4-day Security Onion class in Houston, TX, which will be held May 12-15.  Here's a discount code good for $400 off!
sos20150423

For more details and to register, please see:
https://security-onion-class-20150512.eventbrite.com/

If you can't make it to Houston, we also have online training sessions May 19-22:
https://attendee.gototraining.com/9z73w/catalog/8119062504158470144

Wednesday, April 22, 2015

New securityonion-rule-update package

securityonion-rule-update - 20120726-0ubuntu0securityonion27 is now available and should resolve the following issues:

Issue 681: rule-update: wipe snort_dynamicrules directory on sensor
https://github.com/Security-Onion-Solutions/security-onion/issues/681

Issue 677: rule-update: create /usr/local/lib/snort_dynamicrules/ if it doesn't already exist
https://github.com/Security-Onion-Solutions/security-onion/issues/677

Issue 678: rule-update: /etc/cron.d/rule-update should have 2>&1
https://github.com/Security-Onion-Solutions/security-onion/issues/678

Issue 697: rule-update: log snorby reference table update to barnyard2-snorby.log
https://github.com/Security-Onion-Solutions/security-onion/issues/697

Issue 679: rule-update: run pulledpork as unprivileged user
https://github.com/Security-Onion-Solutions/security-onion/issues/679

The new package has been tested by David Zawdie (thanks!).

Updating
The new package is now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Tuesday, April 21, 2015

New securityonion-sostat package

securityonion-sostat - 20120722-0ubuntu0securityonion34 is now available and should resolve the following issues:

Issue 692: sostat: list number of ELSA buffers in queue and warn if higher than 20
https://github.com/Security-Onion-Solutions/security-onion/issues/692

Issue 701: sostat: include number of CPU cores
https://github.com/Security-Onion-Solutions/security-onion/issues/701

The new package has been tested by David Zawdie (thanks!).

Updating
The new package is now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Monday, April 20, 2015

New securityonion-sguil-db-purge package

securityonion-sguil-db-purge - 20120722-0ubuntu0securityonion12 is now available and should resolve the following issue:

Issue 711: Add "date" command to /usr/bin/sguil-db-purge
https://github.com/Security-Onion-Solutions/security-onion/issues/711

The new package has been tested by David Zawdie (thanks!).

Updating
The new package is now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Friday, April 3, 2015

Security Onion 301: Best Practices for Distributed Deployments

Our next online class has been scheduled!  "Security Onion 301: Best Practices for Distributed Deployments" will be Tuesday, April 21.  For more details and to register, please see:
https://attendee.gototraining.com/9z73w/catalog/8119062504158470144