Monday, August 3, 2015

Bro 2.4 now available for Security Onion!

Bro 2.4 was recently released:
http://blog.bro.org/2015/06/bro-24-released.html

I've packaged Bro 2.4 and updated the securityonion-bro-scripts, securityonion-elsa-extras, and securityonion-capme packages.  The new packages are as follows:
securityonion-bro - 2.4-0ubuntu0securityonion2
securityonion-bro-scripts - 20121004-0ubuntu0securityonion43
securityonion-elsa-extras - 20131117-1ubuntu0securityonion99
securityonion-capme - 20121213-0ubuntu0securityonion23  
These packages resolve the following issues:

Issue 743: Bro 2.4
https://github.com/Security-Onion-Solutions/security-onion/issues/743

Issue 752: securityonion-bro-scripts: update sensortab.bro for Bro 2.4
https://github.com/Security-Onion-Solutions/security-onion/issues/752

Issue 753: securityonion-bro-scripts: update shellshock module for Bro 2.4
https://github.com/Security-Onion-Solutions/security-onion/issues/753

Issue 754: securityonion-bro-scripts: update extract.bro for Bro 2.4
https://github.com/Security-Onion-Solutions/security-onion/issues/754

Issue 762: securityonion-elsa-extras: update bro_conn parser for Bro 2.4
https://github.com/Security-Onion-Solutions/security-onion/issues/762

Issue 765: securityonion-elsa-extras: update bro_intel parser for Bro 2.4
https://github.com/Security-Onion-Solutions/security-onion/issues/765

Issue 768: securityonion-elsa-extras: update bro_ssl parser for Bro 2.4
https://github.com/Security-Onion-Solutions/security-onion/issues/768

Issue 774: securityonion-elsa-extras: update bro_ssh parser for Bro 2.4
https://github.com/Security-Onion-Solutions/security-onion/issues/774

Issue 773: securityonion-elsa-extras: add Windows and Cisco parsers from Brian Kellogg
https://github.com/Security-Onion-Solutions/security-onion/issues/773

Issue 793: CapMe: Update for Bro 2.4 conn.log
https://github.com/Security-Onion-Solutions/security-onion/issues/793

These packages have been tested by the following (thanks!):
James Taylor
Jay Swan
Heine Lysemose
Tommy Dew
Brian Kellogg

Updating
These new packages are now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Feedback
If you have any questions or problems, please use our security-onion mailing list:
https://github.com/Security-Onion-Solutions/security-onion/wiki/MailingLists

Training
Need training?  Please see:
http://securityonionsolutions.com

Commercial Support
Need commercial support?  Please see:
http://securityonionsolutions.com

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://github.com/Security-Onion-Solutions/security-onion/wiki/TeamMembers

Thanks!

UPDATED 2015-08-10 to add securityonion-capme required due to new field in Bro conn.log.

No comments:

Search This Blog

Featured Post

Security Onion 2.4.50 now available including some new features and lots of bug fixes!

Security Onion 2.4.50 is now available! It includes some new features for our fellow defenders and lots of bug fixes! https://docs.securityo...

Popular Posts

Blog Archive