Monday, February 11, 2019

New Setup and NSM packages now available for Security Onion!

The following packages are now available:
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion199
securityonion-setup - 20120912-0ubuntu0securityonion285

This should resolve the following issues:

Setup: update setup conf files #1417

Setup: Fix bug where the regex in sed disables incorrect interfaces #1427

Setup: add logger node to Bro node.cfg #1420

Setup: configure Bro cluster mode for AF_PACKET #1421

Setup: configure Suricata for AF_PACKET #1432

NSM: Improve the method of updating thread count in suricata.yaml #1230

NSM: support running Suricata using AF_PACKET #1431

As an overview, these updates will cause new installations to configure Bro and Suricata to collect network traffic via AF_PACKET (instead of PF_RING as we've done for the last few years).  Installations already configured for PF_RING will continue to use PF_RING.  Please see the links above for background information and config changes.

Thanks to Wes Lambert for testing!

Please see the following page for full update instructions:

We have 4-day Security Onion training classes coming up in San Antonio TX, Atlanta GA, and Columbia MD!  If you can't make it to one of these onsite classes, we have a new online training platform!  For more information and other training options, please see:

We now offer hardware appliances!  For more information, please see:

We've started moving our documentation to!  Please let us know if anything needs to be updated.

Need support?  Please see:

