Tuesday, February 21, 2017

Suricata 3.2.1 now available for Security Onion!

Suricata 3.2.1 was recently released:
https://suricata-ids.org/2017/02/15/suricata-3-2-1-available/

I've packaged it and the following package is now available:
securityonion-suricata - 3.2.1-1ubuntu1securityonion1

This new package should resolve the following issue:

Suricata 3.2.1 #1081
https://github.com/Security-Onion-Solutions/security-onion/issues/1081

This package has been tested by Wes Lambert.  Thanks, Wes!

Updating
This package is now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

This update will back up each of your existing suricata.yaml files to suricata.yaml.bak and migrate your HOME_NET and EXTERNAL_NET variables.  You'll then need to do the following:

  • re-apply any other local customizations to your suricata.yaml file(s)
  • update ruleset and restart Suricata as follows:

    sudo rule-update

Want to show your support for Security Onion?
Security Onion t-shirts are available in our CafePress store!
http://www.cafepress.com/securityonion/11820053

Need Training?
We have 3-hour online training classes in March:
https://securityonionsolutions.com/onlinetraining

We also have 4-day onsite training classes in June and September, with an early bird discount for a limited time:
http://blog.securityonion.net/2017/02/early-bird-discounts-for-security-onion.html

Conference
Our annual Security Onion Conference will be Friday September 15, 2017:
https://securityonion.net/conference

Support
Need support?  Please see:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Support

Thanks!

Monday, February 20, 2017

Security Onion 14.04.5.2 ISO image now available!

We have a new Security Onion 14.04.5.2 ISO image now available that contains all the latest Ubuntu and Security Onion updates as of January 30, 2017!

This resolves the following issue:

Issue 880: 14.04.5.2 ISO image
https://github.com/Security-Onion-Solutions/security-onion/issues/880

This new ISO image has been tested by Wes Lambert.  Thanks, Wes!

New Installations
I've updated the Verify_ISO page for the new ISO image:
https://github.com/Security-Onion-Solutions/security-onion/blob/master/Verify_ISO.md

Please remember to verify the signature of the downloaded ISO image using the instructions on that page.

Existing Deployments
If you have existing installations based on a previous 14.04 ISO image, there is no need to download the new ISO image.  You can simply continue using our standard update process to install updated packages as they are made available:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Release Notes
For more information about this release, please see:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Security-Onion-14.04-Release-Notes

Want to show your support for Security Onion?
Security Onion t-shirts are available in our CafePress store!
http://www.cafepress.com/securityonion/11820053

Need Training?
We have 3-hour online training classes in March:
https://securityonionsolutions.com/onlinetraining

We also have 4-day onsite training classes in June and September, with an early bird discount for a limited time:
http://blog.securityonion.net/2017/02/early-bird-discounts-for-security-onion.html

Conference
Our annual Security Onion Conference will be Friday September 15, 2017:
https://securityonion.net/conference

Support
Need support?  Please see:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Support

Thanks!

Monday, February 13, 2017

Early Bird Discount for Security Onion 4-day Training Classes

Our wildly popular 4-day onsite training class has been scheduled for Alexandria VA in June and Augusta GA in September!

The following discount code is good for 15% off either of those classes for a limited time!
earlybird

For the Alexandria VA class, the earlybird discount code expires on March 15.

For the Augusta GA class, the earlybird discount code expires on May 15.

For more details and to register, please see:
https://securityonionsolutions.com/onsitetraining

If you can't attend the onsite classes, our next live session of online training will be March 13, 2017 through March 16, 2017.  For more details and to register, please see:
https://securityonionsolutions.com/onlinetraining