Thursday, June 30, 2016

Security Onion Conference 2016: Registration is open!

Registration for Security Onion Conference 2016 is now open and the speaker lineup has been published!

https://securityonion.net/conference

Monday, June 13, 2016

Security Onion 14.04.4.2 ISO image now available!

We have a new Security Onion 14.04.4.2 ISO image now available that contains all the latest Ubuntu and Security Onion updates as of June 6, 2016!

This resolves the following issue:

Issue 913: 14.04.4.2 ISO image
https://github.com/Security-Onion-Solutions/security-onion/issues/913

This new ISO image has been tested by the following (thanks!):
Wes Lambert
Phil Plantamura

New Users
I've updated the Verify_ISO page for the new ISO image:
https://github.com/Security-Onion-Solutions/security-onion/blob/master/Verify_ISO.md

Please remember to verify the signature of the downloaded ISO image using the instructions on that page.

Existing Deployments
If you have existing installations based on a previous 14.04 ISO image, there is no need to download the new ISO image.  You can simply continue using our standard update process to install updated packages as they are made available:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Release Notes
For more information about this release, please see:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Security-Onion-14.04-Release-Notes

Want to show your support for Security Onion?
Security Onion t-shirts are available in our CafePress store!
http://www.cafepress.com/securityonion/11820053

Training
The next round of online classes will be in July:
https://attendee.gototraining.com/9z73w/catalog/8119062504158470144

Conference
Security Onion Conference will be on Friday September 9!
http://blog.securityonion.net/2016/03/security-onion-conference-2016-cfp.html

Support
Need support?  Please see:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Support

Thanks!

Phil Plantamura has joined Security Onion Solutions LLC as COO

I'm very pleased to announce that Phil Plantamura is starting at Security Onion Solutions LLC today as Chief Operating Officer!



Monday, June 6, 2016

New CapMe and Squert packages resolve several issues

I've updated the following packages:

securityonion-capme - 20121213-0ubuntu0securityonion59
securityonion-squert - 20141015-0ubuntu0securityonion15

These new packages should resolve the following issues:

Issue 871: CapMe: add session support to avoid re-authenticating every time
https://github.com/Security-Onion-Solutions/security-onion/issues/871

Issue 930: CapMe: increase memory limit
https://github.com/Security-Onion-Solutions/security-onion/issues/930

Issue 933: CapMe: handle inactive/failed pcap_agents more gracefully
https://github.com/Security-Onion-Solutions/security-onion/issues/933

Issue 927: CapMe: Handle pcaps that generate no p0f output
https://github.com/Security-Onion-Solutions/security-onion/issues/927

Issue 934: CapMe: subdirectories should redirect to main page
https://github.com/Security-Onion-Solutions/security-onion/issues/934

Issue 935: CapMe: improve input validation on stime and etime variables
https://github.com/Security-Onion-Solutions/security-onion/issues/935

Issue 936: CapMe: replace include_once with require_once
https://github.com/Security-Onion-Solutions/security-onion/issues/936

Issue 867: Squert: pivot to CapMe for pcap
https://github.com/Security-Onion-Solutions/security-onion/issues/867

Issue 929: Squert: update mysql call in scripts
https://github.com/Security-Onion-Solutions/security-onion/issues/929

Wes Lambert tested these packages.  Thanks, Wes!

Screenshots

CapMe now includes session support

Updating
These packages are now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Thanks!

Thursday, June 2, 2016

securityonion-elsa-extras - 20151011-1ubuntu1securityonion32 resolves an issue

I've updated the following package:

securityonion-elsa-extras - 20151011-1ubuntu1securityonion32

It should resolve the following issue:

Issue 908: securityonion-elsa-extras: add securityonion-elsa-reset script
https://github.com/Security-Onion-Solutions/security-onion/issues/908

Wes Lambert tested this package.  Thanks, Wes!

Updating
This package is now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Thanks!

securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion134 resolves an issue

I've updated the following package:

securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion134

It should resolve the following issue:

Issue 931: nsm_sensor_backup-data missing leading slash in directory
https://github.com/Security-Onion-Solutions/security-onion/issues/931

Wes Lambert tested this package.  Thanks, Wes!

Updating
This package is now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Thanks!

Wednesday, June 1, 2016

securityonion-setup - 20120912-0ubuntu0securityonion215 resolves 3 issues

Wes Lambert submitted two pull requests and I've updated the following package:

securityonion-setup - 20120912-0ubuntu0securityonion215

It should resolve the following issues:

Issue 919: Setup: check minimum RAM requirements
https://github.com/Security-Onion-Solutions/security-onion/issues/919

Issue 923: Setup: warn user if they disable full packet capture
https://github.com/Security-Onion-Solutions/security-onion/issues/923

Issue 932: Setup: consistently apply title to all zenity windows
https://github.com/Security-Onion-Solutions/security-onion/issues/932

Wes Lambert tested this package.  Thanks, Wes!

Updating
This package is now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Conference
Security Onion Conference will be on Friday September 9 and CFP is open!
http://blog.securityonion.net/2016/03/security-onion-conference-2016-cfp.html

Thanks!