Thursday, October 29, 2015

Tuesday, October 13, 2015

BDR2 Progress Report (towards Ubuntu 14.04)

I recently announced our move towards Ubuntu 14.04, called the Big Distro Rebuild 2 (BDR2):
http://blog.securityonion.net/2015/09/bdr2-electric-boogaloo-towards-ubuntu.html

I'm pleased to report that BDR2 is coming along quite nicely!

What works?
At this point, the securityonion-all metapackage and all of its dependencies should install correctly on Ubuntu 14.04 and most of the software should work correctly.

What doesn't work?
Xplico and Salt haven't been moved over yet.  There may be a few other optional packages which haven't been fully tested yet.

How can we help?
We're going to need lots of help testing all of these packages over the next few months, so if you'd like to contribute back to the community, please join the security-onion-testing mailing list and then see the following threads:
https://groups.google.com/d/topic/security-onion-testing/voIjY2OYjtc/discussion
https://groups.google.com/d/topic/security-onion-testing/dXd0qq5HP3c/discussion
https://groups.google.com/d/topic/security-onion-testing/N9DAGuvqSoo/discussion

Thanks!

What's new?
Most things are staying the same, although we're updating ELSA to the latest version which includes new animated charts and dashboards using charts.js.

Dashboard showing top DNS, HTTP, and SSL requests

Connections - Top Services

DHCP - DHCP Servers

DNS - Top Return Code

Files - MIME Types

Files - Sources

FTP - Top Commands

HTTP - Top Ports

HTTP - MIME Types

HTTP - Top Sites

HTTP - Sites Hosting EXEs

HTTP - Sites Hosting JARs

HTTP - Sites Hosting SWFs

HTTP - Sites Hosting ZIPs

Kerberos - Top Services

Notice - Top Notice Types

SMTP - Top Subjects

Software - Software Detected by Bro

SSL - Top SSL Versions

X.509 - Key Length

Monday, October 12, 2015

Next Round of Online Training Sessions - November 2 through November 5

The next round of online training sessions will be held Monday November 2 through Thursday November 5!

For more information and to register, please see:
https://attendee.gototraining.com/9z73w/catalog/8119062504158470144