Monday, August 3, 2015

Bro 2.4 now available for Security Onion!

Bro 2.4 was recently released:

I've packaged Bro 2.4 and updated the securityonion-bro-scripts, securityonion-elsa-extras, and securityonion-capme packages.  The new packages are as follows:
securityonion-bro - 2.4-0ubuntu0securityonion2
securityonion-bro-scripts - 20121004-0ubuntu0securityonion43
securityonion-elsa-extras - 20131117-1ubuntu0securityonion99
securityonion-capme - 20121213-0ubuntu0securityonion23

These packages resolve the following issues:

Issue 743: Bro 2.4

Issue 752: securityonion-bro-scripts: update sensortab.bro for Bro 2.4

Issue 753: securityonion-bro-scripts: update shellshock module for Bro 2.4

Issue 754: securityonion-bro-scripts: update extract.bro for Bro 2.4

Issue 762: securityonion-elsa-extras: update bro_conn parser for Bro 2.4

Issue 765: securityonion-elsa-extras: update bro_intel parser for Bro 2.4

Issue 768: securityonion-elsa-extras: update bro_ssl parser for Bro 2.4

Issue 774: securityonion-elsa-extras: update bro_ssh parser for Bro 2.4

Issue 773: securityonion-elsa-extras: add Windows and Cisco parsers from Brian Kellogg

Issue 793: CapMe: Update for Bro 2.4 conn.log

These packages have been tested by the following (thanks!):
James Taylor
Jay Swan
Heine Lysemose
Tommy Dew
Brian Kellogg

These new packages are now available in our stable repo.  Please see the following page for full update instructions:

If you have any questions or problems, please use our security-onion mailing list:

Need training?  Please see:

Commercial Support
Need commercial support?  Please see:

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:


UPDATED 2015-08-10 to add securityonion-capme, which is required due to a new field in Bro conn.log.
