Wednesday, May 25, 2016

securityonion-capme - 20121213-0ubuntu0securityonion47 resolves 5 issues

I've updated the following package:

securityonion-capme - 20121213-0ubuntu0securityonion47

This package should resolve the following issues:

Issue 736: CapMe: Debug information occasionally gets rendered inside the transcript

Issue 738: CapMe: handle large pcaps more gracefully

Issue 916: CapMe: Check for gzip encoding and automatically switch to Bro transcript

Issue 922: CapMe: Handle sguild failure more gracefully

Issue 493: CapMe: send credentials interactively to avoid exposing on command line

Wes Lambert and Robert Bardo tested this package.  Thanks, guys!


The CapMe submission form now includes a new field called Max Xscript Bytes (which defaults to 500,000) and the default Output option is now "auto".

With Output set to "auto", CapMe will check for gzip encoding and, if found, will automatically switch to the Bro transcript to decode the gzip. 

If the transcript is larger than the Max Xscript Bytes setting (500,000 bytes by default), CapMe will display this at the bottom of the transcript.

This package is now available in our stable repo.  Please see the following page for full update instructions:

Want to show your support for Security Onion?
Security Onion t-shirts are available in our CafePress store!

The next round of online classes will be in July:

Security Onion Conference will be on Friday September 9 and CFP is open!

Need support?  Please see:


No comments:

Search This Blog

Featured Post

Top 5 Reasons to Sign Up for our 4-day Security Onion Fundamentals for Analysts & Admins Class in June 2024

Security Onion Solutions has been teaching Security Onion classes since 2014. Since that time, we've taught students around the globe to...

Popular Posts

Blog Archive