The following package is now available:
securityonion-squert - 20161212-1ubuntu1securityonion9
This new package should resolve the following issues:
Issue 883: Squert 1.6.3
https://github.com/Security-Onion-Solutions/security-onion/issues/883
Issue 868: Squert: Summary page, clicking country, src/dst results in empty page
https://github.com/Security-Onion-Solutions/security-onion/issues/868
Issue 958: Squert: OSSEC HIDS alerts display NIDS rules
https://github.com/Security-Onion-Solutions/security-onion/issues/958
Thanks to Wes Lambert for testing!
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
You may need to Shift-Reload in your browser and/or empty your browser cache to ensure you're running the latest Squert JavaScript.
Want to show your support for Security Onion?
Security Onion t-shirts are available in our CafePress store!
http://www.cafepress.com/securityonion/11820053
Training
Security Onion Solutions provides onsite, online, and on-demand training. For more information, please see:
https://securityonionsolutions.com
Support
Need support? Please see:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Support
Thanks!
Wednesday, December 21, 2016
Tuesday, December 20, 2016
Bro 2.5 now available for Security Onion!
Bro 2.5 was released recently:
http://blog.bro.org/2016/11/bro-25-released.html
https://www.bro.org/download/NEWS.bro.html
https://www.bro.org/download/CHANGES.bro.txt
I've packaged Bro 2.5 and also updated the securityonion-bro-scripts and securityonion-elsa-extras packages. The new packages are as follows:
securityonion-bro - 2.5-1ubuntu1securityonion3
securityonion-bro-scripts - 20121004-0ubuntu0securityonion49
securityonion-elsa-extras - 20151011-1ubuntu1securityonion47
These packages resolve the following issues:
Issue 1023: Bro 2.5
https://github.com/Security-Onion-Solutions/security-onion/issues/1023
Issue 1028: securityonion-bro-scripts: update for Bro 2.5
https://github.com/Security-Onion-Solutions/security-onion/issues/1028
Issue 1029: securityonion-elsa-extras: update for Bro 2.5
https://github.com/Security-Onion-Solutions/security-onion/issues/1029
Thanks to Wes Lambert and Rob Bardo for testing!
Updating
These packages are now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
These updates will back up your Bro configuration. You'll then need to do the following:
- re-apply any local customizations to the Bro config
- restart Bro as follows:
sudo nsm_sensor_ps-restart --only-bro
Monday, December 19, 2016
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion149 resolves two issues
The following package is now available:
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion149
This new package should resolve the following issues:
Issue 942: NSM: more gracefully handle large number of files in /nsm/bro/extracted
https://github.com/Security-Onion-Solutions/security-onion/issues/942
Issue 1033: NSM: only allow one instance of nsm_sensor_clean at a time
https://github.com/Security-Onion-Solutions/security-onion/issues/1033
Thanks to Wes Lambert for testing!
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Wednesday, December 14, 2016
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion145 resolves an issue
The following package is now available:
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion145
This new package should resolve the following issue:
NSM: don't chown every file in /nsm/bro/extracted #1032
https://github.com/Security-Onion-Solutions/security-onion/issues/1032
Thanks to Wes Lambert for testing!
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Tuesday, December 13, 2016
Suricata 3.2 now available for Security Onion!
Suricata 3.2 was recently released:
https://suricata-ids.org/2016/12/01/suricata-3-2-available/
I've packaged it and the following package is now available:
securityonion-suricata - 3.2-1ubuntu1securityonion2
This new package should resolve the following issue:
Issue 1026: Suricata 3.2
https://github.com/Security-Onion-Solutions/security-onion/issues/1026
This package has been tested by Wes Lambert. Thanks, Wes!
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
This update will back up each of your existing suricata.yaml files to suricata.yaml.bak and migrate your HOME_NET and EXTERNAL_NET variables. You'll then need to do the following:
- re-apply any other local customizations to your suricata.yaml file(s)
- update ruleset and restart Suricata as follows:
sudo rule-update
Monday, December 12, 2016
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion144 resolves an issue
The following package is now available:
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion144
This new package should resolve the following issue:
NSM: remove chown from /usr/sbin/so-bro-cron #1030
https://github.com/Security-Onion-Solutions/security-onion/issues/1030
Thanks to Wes Lambert for testing!
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Wednesday, December 7, 2016
Training Update
Our next live session of online training will be March 13, 2017 through March 16, 2017. For more details and to register, please see:
https://securityonionsolutions.com/onlinetraining
If you need online training before then, you may want to consider our pre-recorded on-demand training:
https://securityonionsolutions.com/ondemandtraining
If you're looking for more in-depth training including lab exercises, we are starting to schedule our 4-day onsite classes for 2017:
https://securityonionsolutions.com/onsitetraining
Tuesday, December 6, 2016
securityonion-sostat - 20120722-0ubuntu0securityonion65 resolves an issue
The following package is now available:
securityonion-sostat - 20120722-0ubuntu0securityonion65
This new package should resolve the following issue:
Issue 1024: soup: when running on sensor, check to make sure master server has been updated first
https://github.com/Security-Onion-Solutions/security-onion/issues/1024
Thanks to Wes Lambert!
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Monday, December 5, 2016
CapMe 1.0.1 is now available and supports UDP traffic!
The following packages are now available:
securityonion-capme - 20121213-0ubuntu0securityonion65
securityonion-sguil-client - 20141004-0ubuntu0securityonion16
securityonion-sguil-sensor - 20141004-0ubuntu0securityonion16
securityonion-sguil-server - 20141004-0ubuntu0securityonion16
These new packages should resolve the following issue:
Issue 492: CapMe needs to handle UDP better
https://github.com/Security-Onion-Solutions/security-onion/issues/492
Thanks to Wes Lambert!
Updating
These packages are now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Release Notes
After installing the updated packages, you will need to restart sguild as follows:
sudo nsm_server_ps-restart
Wednesday, November 30, 2016
securityonion-setup - 20120912-0ubuntu0securityonion229 resolves 3 issues
The following package is now available:
securityonion-setup - 20120912-0ubuntu0securityonion229
This new package should resolve the following issues:
Issue 988: Setup: use lowercase of hostname when creating sensornames
https://github.com/Security-Onion-Solutions/security-onion/issues/988
Issue 1000: Setup: rename VRT to Talos
https://github.com/Security-Onion-Solutions/security-onion/issues/1000
Issue 989: Setup: postinst should check for existence of account before chown
https://github.com/Security-Onion-Solutions/security-onion/issues/989
Thanks to Wes Lambert!
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Monday, November 14, 2016
securityonion-elsa-extras - 20151011-1ubuntu1securityonion40 resolves an issue
The following package is now available:
securityonion-elsa-extras - 20151011-1ubuntu1securityonion40
This new package should resolve the following issue:
Issue 1010: securityonion-elsa-extras: Windows process enhancements
https://github.com/Security-Onion-Solutions/security-onion/issues/1010
Thanks to Brian Kellogg for submitting these new ELSA patterns!
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Monday, November 7, 2016
Suricata 3.1.3 now available for Security Onion!
Suricata 3.1.3 was recently released:
https://suricata-ids.org/2016/11/01/suricata-3-1-3-released/
I've packaged it and the following package is now available:
securityonion-suricata - 3.1.3-1ubuntu1securityonion2
This new package should resolve the following issue:
Issue 1014: Suricata 3.1.3
https://github.com/Security-Onion-Solutions/security-onion/issues/1014
This package has been tested by Wes Lambert. Thanks, Wes!
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
This update will back up each of your existing suricata.yaml files to suricata.yaml.bak and migrate your HOME_NET and EXTERNAL_NET variables. You'll then need to do the following:
- re-apply any other local customizations to your suricata.yaml file(s)
- update ruleset and restart Suricata as follows:
sudo rule-update
Monday, October 31, 2016
Final Reminder: Security Onion training in Columbus Ohio
Only 1 week left to register for 4-day Security Onion training in Columbus Ohio!
https://securityonionsolutions.com/onsitetraining
Monday, October 24, 2016
Reminder: Security Onion training in Columbus Ohio
Only 2 weeks left to register for 4-day Security Onion training in Columbus Ohio!
https://securityonionsolutions.com/onsitetraining
Wednesday, October 19, 2016
securityonion-sostat - 20120722-0ubuntu0securityonion63 resolves an issue
The following package is now available:
securityonion-sostat - 20120722-0ubuntu0securityonion63
This new package should resolve the following issue:
Issue 1009: soup: change "2>1" to "2>&1"
https://github.com/Security-Onion-Solutions/security-onion/issues/1009
Thanks to Wes Lambert for testing this package.
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Tuesday, October 18, 2016
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion143 resolves two issues
The following package is now available:
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion143
This new package should resolve the following issues:
Issue 993: NSM: start/restart errors on systems with ethXX (2 or more numbers)
https://github.com/Security-Onion-Solutions/security-onion/issues/993
Issue 1005: NSM: redirect iostreams to logfile during ossec-agent restart
https://github.com/Security-Onion-Solutions/security-onion/issues/1005
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Monday, October 17, 2016
securityonion-capme - 20121213-0ubuntu0securityonion61 resolves an issue
The following package is now available:
securityonion-capme - 20121213-0ubuntu0securityonion61
This new package should resolve the following issue:
Issue 1007: CapMe: transcript data sometimes overruns the transcript window
https://github.com/Security-Onion-Solutions/security-onion/issues/1007
This package has been tested by Wes Lambert (thanks, Wes!).
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Friday, September 30, 2016
securityonion-web-page - 20141015-0ubuntu0securityonion71 resolves several issues
The following package is now available:
securityonion-web-page - 20141015-0ubuntu0securityonion71
This new package should resolve the following issues:
Issue 1001: securityonion-web-page: move Top/Bottom links to beginning of line
https://github.com/Security-Onion-Solutions/security-onion/issues/1001
Issue 1002: securityonion-web-page: fix ELSA FIREWALL_ACCESS_DENY queries
https://github.com/Security-Onion-Solutions/security-onion/issues/1002
Issue 1004: securityonion-web-page: standardize Autoruns queries
https://github.com/Security-Onion-Solutions/security-onion/issues/1004
Screenshots
Screenshot: Top / Bottom links are now at the beginning of the line and Autoruns queries have been standardized
Screenshot: DNS - Top 100 Requests
Screenshot: DNS - Bottom 100 Requests
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Thursday, September 29, 2016
securityonion-sostat - 20120722-0ubuntu0securityonion62 resolves several issues
The following package is now available:
securityonion-sostat - 20120722-0ubuntu0securityonion62
This new package should resolve the following issues:
Issue 990: sostat: Fix redirect to file issue
https://github.com/Security-Onion-Solutions/security-onion/issues/990
Issue 991: sostat: Remove redundant source call
https://github.com/Security-Onion-Solutions/security-onion/issues/991
Issue 992: sostat: Enable nullglobs to prevent string literal bug in various for loops
https://github.com/Security-Onion-Solutions/security-onion/issues/992
Issue 996: sostat: report OS version and sostat version
https://github.com/Security-Onion-Solutions/security-onion/issues/996
Issue 998: sostat: only show last run of rule-update
https://github.com/Security-Onion-Solutions/security-onion/issues/998
Issue 961: soup: remove any autoremove recommendations
https://github.com/Security-Onion-Solutions/security-onion/issues/961
Issue 962: soup: recommend upgrading to 16.04 HWE stack
https://github.com/Security-Onion-Solutions/security-onion/issues/962
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
securityonion-rule-update - 20151201-1ubuntu1securityonion7 resolves an issue
The following package is now available:
securityonion-rule-update - 20151201-1ubuntu1securityonion7
This new package should resolve the following issue:
Issue 985: rule-update should always log to /var/log/nsm/pulledpork.log
https://github.com/Security-Onion-Solutions/security-onion/issues/985
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Wednesday, September 28, 2016
securityonion-elsa-extras - 20151011-1ubuntu1securityonion38 resolves an issue
The following package is now available:
securityonion-elsa-extras - 20151011-1ubuntu1securityonion38
This new package should resolve the following issue:
Issue 997: securityonion-elsa-extras: better parsing for event id 4776
https://github.com/Security-Onion-Solutions/security-onion/issues/997
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Tuesday, September 27, 2016
securityonion-squert-cron - 20120722-0ubuntu0securityonion10 resolves an issue
The following package is now available:
securityonion-squert-cron - 20120722-0ubuntu0securityonion10
This new package should resolve the following issue:
Squert ip2c cron job should lock to prevent multiple instances #987
https://github.com/Security-Onion-Solutions/security-onion/issues/987
This package has been tested by Wes Lambert. Thanks, Wes!
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Monday, September 26, 2016
Suricata 3.1.2 now available for Security Onion!
Suricata 3.1.2 was recently released:
https://suricata-ids.org/2016/09/07/suricata-3-1-2-released/
I've packaged it and the following package is now available:
securityonion-suricata - 3.1.2-1ubuntu1securityonion1
This new package should resolve the following issue:
Issue 994: Suricata 3.1.2
https://github.com/Security-Onion-Solutions/security-onion/issues/994
This package has been tested by Wes Lambert. Thanks, Wes!
Updating
This package is now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
This update will back up each of your existing suricata.yaml files to suricata.yaml.bak and migrate your HOME_NET and EXTERNAL_NET variables. You'll then need to do the following:
- re-apply any other local customizations to your suricata.yaml file(s)
- update ruleset and restart Suricata as follows:
sudo rule-update
Thursday, September 22, 2016
4-day Security Onion class in Columbus Ohio - November 15 through November 18
Our wildly popular 4-day class is coming to Columbus Ohio in November! For more details and to register, please see:
https://securityonionsolutions.com/onsitetraining
Tuesday, September 13, 2016
4-day Security Onion class in Columbia SC - October 25 through October 28
Our wildly popular 4-day class is coming to Columbia SC in October! For more details and to register, please see:
https://securityonionsolutions.com/onsitetraining
Onion Arcade: Make Your Adversaries Cry
https://www.youtube.com/watch?v=AXk-Te_lMmg&list=PLljFlTO9rB15Tve-LhV5k_5_0HH37eALe&index=9
If you haven't seen it, please watch the video to understand the reasons for building Onion Arcade and how it relates to Security Onion.
For those interested, here are some higher resolution photos of the build process.
Photo: Super Nintendo SNS-101 (Mini) --> Framemeister scaler --> HDMI Monitor
Photo: Button Panel
Photo: Plexiglass
Photo: Joystick panel
Photo: Sides
Photo: Monitor VESA mount
Photo: Ground wire, lots of it!
Photo: Wiring harness for LED lights
Photo: Speaker panel
Photo: Buttons installed
Photo: Joysticks installed
Photo: Bottom of joystick panel before wiring begins
Photo: LED buttons powered up
Photo: First SNES Controller PCB soldered
Photo: First SNES Controller PCB with Joystick panel
Photo: Second SNES Controller PCB soldered
Photo: Both SNES Controller PCBs with Joystick panel
Photo: Joystick panel wiring completed
Photo: Cabinet construction begins
Photo: Back door installed
Photo: Monitor installed
Photo: Installing LED light strips in marquee
Photo: The components barely fit
Photo: It's Alive!
Onion Arcade FAQ
What does this have to do with Security Onion?
Please see the video for a full explanation:
https://www.youtube.com/watch?v=AXk-Te_lMmg&list=PLljFlTO9rB15Tve-LhV5k_5_0HH37eALe&index=9
Is Onion Arcade for sale?
No, it's mine, all mine! :)
Is it running emulators/ROMs?
Nope, under the hood is a real Super Nintendo SNS-101 (Mini) and a real SNES cartridge.
Where did the artwork come from?
I found a Creative Commons licensed Mandelbrot fractal on Wikipedia and added neon logos using the Gimp graphics editor.
The Mandelbrot fractal background was created by Wolfgang Beyer with the program Ultra Fractal 3 and licensed under the Creative Commons Attribution-Share Alike 3.0 Unported license. For more information:
https://upload.wikimedia.org/wikipedia/commons/a/a4/Mandel_zoom_11_satellite_double_spiral.jpg
https://en.wikipedia.org/wiki/File:Mandel_zoom_11_satellite_double_spiral.jpg