Wednesday, November 30, 2016

securityonion-setup - 20120912-0ubuntu0securityonion229 resolves 3 issues

The following package is now available:
securityonion-setup - 20120912-0ubuntu0securityonion229

This new package should resolve the following issues:

Issue 988: Setup: use lowercase of hostname when creating sensornames
https://github.com/Security-Onion-Solutions/security-onion/issues/988

Issue 1000: Setup: rename VRT to Talos
https://github.com/Security-Onion-Solutions/security-onion/issues/1000

Issue 989: Setup: postinst should check for existence of account before chown
https://github.com/Security-Onion-Solutions/security-onion/issues/989

Thanks to Wes Lambert!

Updating
This package is now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Want to show your support for Security Onion?
Security Onion t-shirts are available in our CafePress store!
http://www.cafepress.com/securityonion/11820053

Training
Security Onion Solutions provides onsite, online, and on-demand training.  For more information, please see:
https://securityonionsolutions.com

Support
Need support?  Please see:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Support

Thanks!

Monday, November 14, 2016

securityonion-elsa-extras - 20151011-1ubuntu1securityonion40 resolves an issue

The following package is now available:
securityonion-elsa-extras - 20151011-1ubuntu1securityonion40

This new package should resolve the following issue:

Issue 1010: securityonion-elsa-extras: Windows process enhancements
https://github.com/Security-Onion-Solutions/security-onion/issues/1010

Thanks to Brian Kellogg for submitting these new ELSA patterns!

Updating
This package is now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Monday, November 7, 2016

Suricata 3.1.3 now available for Security Onion!

Suricata 3.1.3 was recently released:
https://suricata-ids.org/2016/11/01/suricata-3-1-3-released/

I've packaged it and the following package is now available:
securityonion-suricata - 3.1.3-1ubuntu1securityonion2

This new package should resolve the following issue:

Issue 1014: Suricata 3.1.3
https://github.com/Security-Onion-Solutions/security-onion/issues/1014

This package has been tested by Wes Lambert.  Thanks, Wes!

Updating
This package is now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

This update will back up each of your existing suricata.yaml files to suricata.yaml.bak and migrate your HOME_NET and EXTERNAL_NET variables.  You'll then need to do the following:
  • re-apply any other local customizations to your suricata.yaml file(s)
  • update ruleset and restart Suricata as follows:
    sudo rule-update
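
A post-update check for the steps above, as an added example that is not from the Security Onion project: it confirms that HOME_NET and EXTERNAL_NET match between each suricata.yaml.bak and the suricata.yaml that replaced it, then lists the backup-only lines you still need to re-apply. The directory argument is an assumption (the post does not say where the files live), the function names are hypothetical, and the sample file contents are constructed.

```shell
#!/bin/sh
# Added example. Variable values and file contents below are constructed.

# Print the value of an address-group variable ($1) from a suricata.yaml ($2).
get_var() {
    sed -n "s/^[[:space:]]*$1:[[:space:]]*//p" "$2" | head -n 1
}

# Compare every suricata.yaml.bak under directory $1 with the file that
# replaced it. Returns 0 only if HOME_NET and EXTERNAL_NET match in each pair.
check_migration() {
    status=0
    list=$(mktemp)
    find "$1" -type f -name 'suricata.yaml.bak' > "$list"
    while IFS= read -r bak; do
        new=${bak%.bak}
        [ -f "$new" ] || { echo "MISSING  $new"; status=1; continue; }
        for var in HOME_NET EXTERNAL_NET; do
            if [ "$(get_var "$var" "$bak")" = "$(get_var "$var" "$new")" ]; then
                echo "OK       $new: $var migrated"
            else
                echo "MISMATCH $new: $var differs from backup"
                status=1
            fi
        done
        # Lines present only in the backup: local customizations to re-apply.
        diff -u "$new" "$bak" | grep '^+' | grep -v '^+++ ' || true
    done < "$list"
    rm -f "$list"
    return "$status"
}

# Build a constructed .bak/new pair in a temp directory and print its path.
make_sample() {
    d=$(mktemp -d)
    for f in suricata.yaml.bak suricata.yaml; do
        cat > "$d/$f" <<'EOF'
vars:
  address-groups:
    HOME_NET: "[10.1.0.0/16]"
    EXTERNAL_NET: "!$HOME_NET"
EOF
    done
    echo "max-pending-packets: 4096" >> "$d/suricata.yaml.bak"  # local tweak
    echo "max-pending-packets: 1024" >> "$d/suricata.yaml"      # constructed default
    echo "$d"
}

# Usage: sh check.sh /path/to/sensor/configs  (path is yours to supply)
if [ $# -gt 0 ]; then check_migration "$1"; fi
```

Run it before `sudo rule-update` so that a MISMATCH or MISSING line is caught before Suricata restarts with the new configuration.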