The Snort Community ruleset has moved to a different URL. If you're using the Snort ruleset, you'll need to update your pulledpork.conf. Please see:
https://github.com/Security-Onion-Solutions/security-onion/wiki/FAQ#why-does-rule-update-fail-with-an-error-like-error-404-when-fetching-s3amazonawscomsnort-orgwwwrulescommunitycommunity-rulestargzmd5
Thursday, October 29, 2015
Tuesday, October 13, 2015
BDR2 Progress Report (towards Ubuntu 14.04)
I recently announced our move towards Ubuntu 14.04, called the Big Distro Rebuild 2 (BDR2):
http://blog.securityonion.net/2015/09/bdr2-electric-boogaloo-towards-ubuntu.html
I'm pleased to report that BDR2 is coming along quite nicely!
What works?
At this point, the securityonion-all metapackage and all of its dependencies should install correctly on Ubuntu 14.04 and most of the software should work correctly.
What doesn't work?
Xplico and Salt haven't been moved over yet. There may be a few other optional packages which haven't been fully tested yet.
How can we help?
We're going to need lots of help testing all of these packages over the next few months, so if you'd like to contribute back to the community, please join the security-onion-testing mailing list and then see the following threads:
https://groups.google.com/d/topic/security-onion-testing/voIjY2OYjtc/discussion
https://groups.google.com/d/topic/security-onion-testing/dXd0qq5HP3c/discussion
https://groups.google.com/d/topic/security-onion-testing/N9DAGuvqSoo/discussion
Thanks!
What's new?
Most things are staying the same, although we're updating ELSA to the latest version which includes new animated charts and dashboards using charts.js.
Dashboard showing top DNS, HTTP, and SSL requests
Connections - Top Services
DHCP - DHCP Servers
DNS - Top Return Code
Files - MIME Types
Files - Sources
FTP - Top Commands
HTTP - Top Ports
HTTP - MIME Types
HTTP - Top Sites
HTTP - Sites Hosting EXEs
HTTP - Sites Hosting JARs
HTTP - Sites Hosting SWFs
HTTP - Sites Hosting ZIPs
Kerberos - Top Services
Notice - Top Notice Types
SMTP - Top Subjects
Software - Software Detected by Bro
SSL - Top SSL Versions
X.509 - Key Length
Monday, October 12, 2015
Next Round of Online Training Sessions - November 2 through November 5
The next round of online training sessions will be held Monday November 2 through Thursday November 5!
For more information and to register, please see:
https://attendee.gototraining.com/9z73w/catalog/8119062504158470144