The following packages are now available:
securityonion-setup - 20120912-0ubuntu0securityonion293
This should resolve the following issues:
Setup: postinst script should add MySQL LimitNOFILE setting if necessary #1443
https://github.com/Security-Onion-Solutions/security-onion/issues/1443
Setup: create desktop shortcut for CyberChef #1449
https://github.com/Security-Onion-Solutions/security-onion/issues/1449
securityonion-setup: change wiki links to docs #1450
https://github.com/Security-Onion-Solutions/security-onion/issues/1450
Setup: change Elastic Setup to Setup #1453
https://github.com/Security-Onion-Solutions/security-onion/issues/1453
Setup: disable Bro syslog.log by default in Production Mode #1457
https://github.com/Security-Onion-Solutions/security-onion/issues/1457
Thanks
Thanks to Wes Lambert for testing!
Updating
Please see the following page for full update instructions:
https://securityonion.net/docs/Upgrade
Training
We have a 4-day Security Onion training class coming up in Columbia MD! If you can't make it to this onsite class, we have a new online training platform! For more information and other training options, please see:
https://securityonionsolutions.com
Appliances
We now offer hardware appliances! For more information, please see:
https://blog.securityonion.net/2018/10/introducing-security-onion-solutions.html
Documentation
We've got a brand new documentation site! Please let us know if anything needs to be updated.
https://securityonion.net/docs
Support
Need support? Please see:
https://securityonion.net/docs/Support
Thanks!
Tuesday, February 26, 2019
Monday, February 25, 2019
Wazuh 3.8.2 now available for Security Onion!
The following packages are now available:
Wazuh 3.8.2 (packaged as ossec-hids-server - 3.8.2.2ubuntu1securityonion1)
securityonion-ossec-rules - 20120726-0ubuntu0securityonion12
This should resolve the following issues:
Wazuh 3.8.2 #1422
https://github.com/Security-Onion-Solutions/security-onion/issues/1422
Wazuh email config not being migrated properly #1441
https://github.com/Security-Onion-Solutions/security-onion/issues/1441
securityonion-ossec-rules: ignore alerts on common files #1455
https://github.com/Security-Onion-Solutions/security-onion/issues/1455
Thanks
Thanks to the Wazuh team for Wazuh 3.8.2!
Thanks to Wes Lambert for testing!
Updating
Please see the following page for full update instructions:
https://securityonion.net/docs/Upgrade
Thursday, February 21, 2019
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion200 now available for Security Onion!
The following packages are now available:
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion200
This should resolve the following issues:
NSM: wipe Suricata stats.log using truncate rather than rm #1456
https://github.com/Security-Onion-Solutions/security-onion/issues/1456
Thanks
Thanks to Wes Lambert for testing!
Updating
Please see the following page for full update instructions:
https://securityonion.net/docs/Upgrade
CyberChef 8.23.4 now available for Security Onion!
CyberChef 8.23.4 was recently released:
https://github.com/gchq/CyberChef/blob/master/CHANGELOG.md
securityonion-web-page - 20141015-0ubuntu0securityonion91 is now available and includes CyberChef 8.23.4. This should resolve the following issues:
CyberChef 8.23.4 #1439
https://github.com/Security-Onion-Solutions/security-onion/issues/1439
securityonion-web-page: change wiki links to docs #1451
https://github.com/Security-Onion-Solutions/security-onion/issues/1451
Thanks
Thanks to the CyberChef team for CyberChef 8.23.4!
Thanks to Wes Lambert for testing this package!
Updating
Please see the following page for full update instructions:
https://securityonion.net/docs/Upgrade
securityonion-sostat - 20120722-0ubuntu0securityonion121 now available for Security Onion!
The following packages are now available:
securityonion-sostat - 20120722-0ubuntu0securityonion121
This should resolve the following issues:
securityonion-sostat: change wiki links to docs #1454
https://github.com/Security-Onion-Solutions/security-onion/issues/1454
Thanks
Thanks to Wes Lambert for testing!
Updating
Please see the following page for full update instructions:
https://securityonion.net/docs/Upgrade
Training
We have a 4-day Security Onion training class coming up in Columbia MD! If you can't make it to this onsite class, we have a new online training platform! For more information and other training options, please see:
https://securityonionsolutions.com
Appliances
We now offer hardware appliances! For more information, please see:
https://blog.securityonion.net/2018/10/introducing-security-onion-solutions.html
Documentation
We've started moving our documentation to https://securityonion.net/docs! Please let us know if anything needs to be updated.
Support
Need support? Please see:
https://securityonion.net/docs/Support
Thanks!
Monday, February 11, 2019
New Setup and NSM packages now available for Security Onion!
The following packages are now available:
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion199
securityonion-setup - 20120912-0ubuntu0securityonion285
This should resolve the following issues:
Setup: update setup conf files #1417
https://github.com/Security-Onion-Solutions/security-onion/issues/1417
Setup: Fix bug where the regex in sed disables incorrect interfaces #1427
https://github.com/Security-Onion-Solutions/security-onion/issues/1427
Setup: add logger node to Bro node.cfg #1420
https://github.com/Security-Onion-Solutions/security-onion/issues/1420
Setup: configure Bro cluster mode for AF_PACKET #1421
https://github.com/Security-Onion-Solutions/security-onion/issues/1421
Setup: configure Suricata for AF_PACKET #1432
https://github.com/Security-Onion-Solutions/security-onion/issues/1432
NSM: Improve the method of updating thread count in suricata.yaml #1230
https://github.com/Security-Onion-Solutions/security-onion/issues/1230
NSM: support running Suricata using AF_PACKET #1431
https://github.com/Security-Onion-Solutions/security-onion/issues/1431
As an overview, these updates will cause new installations to configure Bro and Suricata to collect network traffic via AF_PACKET (instead of PF_RING as we've done for the last few years). Installations already configured for PF_RING will continue to use PF_RING. Please see the links above for background information and config changes.
Thanks
Thanks to Wes Lambert for testing!
Updating
Please see the following page for full update instructions:
https://securityonion.net/wiki/Upgrade
Training
We have 4-day Security Onion training classes coming up in San Antonio TX, Atlanta GA, and Columbia MD! If you can't make it to one of these onsite classes, we have a new online training platform! For more information and other training options, please see:
https://securityonionsolutions.com
Appliances
We now offer hardware appliances! For more information, please see:
https://blog.securityonion.net/2018/10/introducing-security-onion-solutions.html
Documentation
We've started moving our documentation to https://securityonion.net/docs! Please let us know if anything needs to be updated.
Support
Need support? Please see:
https://securityonion.net/wiki/Support
Thanks!
Monday, February 4, 2019
securityonion-sostat - 20120722-0ubuntu0securityonion120 now available for Security Onion!
The following package is now available:
securityonion-sostat - 20120722-0ubuntu0securityonion120
This should resolve the following issues:
soup: create /etc/apt/apt.conf.d/10periodic #1423
https://github.com/Security-Onion-Solutions/security-onion/issues/1423
soup: output reminder to update remaining boxes in deployment #1424
https://github.com/Security-Onion-Solutions/security-onion/issues/1424
soup: check for lock #1428
https://github.com/Security-Onion-Solutions/security-onion/issues/1428
soup: node checking master for updates fails if master has 1 update #1434
https://github.com/Security-Onion-Solutions/security-onion/issues/1434
Thanks
Thanks to Wes Lambert for testing!
Updating
Please see the following page for full update instructions:
https://securityonion.net/wiki/Upgrade
Training
We have 4-day Security Onion training classes coming up in San Antonio TX, Atlanta GA, and Columbia MD! If you can't make it to one of these onsite classes, we have a new online training platform! For more information and other training options, please see:
https://securityonionsolutions.com
Appliances
We now offer hardware appliances! For more information, please see:
https://blog.securityonion.net/2018/10/introducing-security-onion-solutions.html
Support
Need support? Please see:
https://securityonion.net/wiki/Support
Thanks!