Monday, February 11, 2019

New Setup and NSM packages now available for Security Onion!

The following packages are now available:
securityonion-nsmnow-admin-scripts - 20120724-0ubuntu0securityonion199
securityonion-setup - 20120912-0ubuntu0securityonion285

This should resolve the following issues:

Setup: update setup conf files #1417
https://github.com/Security-Onion-Solutions/security-onion/issues/1417

Setup: Fix bug where the regex in sed disables incorrect interfaces #1427
https://github.com/Security-Onion-Solutions/security-onion/issues/1427

Setup: add logger node to Bro node.cfg #1420
https://github.com/Security-Onion-Solutions/security-onion/issues/1420

Setup: configure Bro cluster mode for AF_PACKET #1421
https://github.com/Security-Onion-Solutions/security-onion/issues/1421

Setup: configure Suricata for AF_PACKET #1432
https://github.com/Security-Onion-Solutions/security-onion/issues/1432

NSM: Improve the method of updating thread count in suricata.yaml #1230
https://github.com/Security-Onion-Solutions/security-onion/issues/1230

NSM: support running Suricata using AF_PACKET #1431
https://github.com/Security-Onion-Solutions/security-onion/issues/1431

As an overview, these updates will cause new installations to configure Bro and Suricata to collect network traffic via AF_PACKET (instead of PF_RING as we've done for the last few years).  Installations already configured for PF_RING will continue to use PF_RING.  Please see the links above for background information and config changes.

Thanks
Thanks to Wes Lambert for testing!

Updating
Please see the following page for full update instructions:
https://securityonion.net/wiki/Upgrade

Training
We have 4-day Security Onion training classes coming up in San Antonio TX, Atlanta GA, and Columbia MD!  If you can't make it to one of these onsite classes, we have a new online training platform!  For more information and other training options, please see:
https://securityonionsolutions.com

Appliances
We now offer hardware appliances!  For more information, please see:
https://blog.securityonion.net/2018/10/introducing-security-onion-solutions.html

Documentation
We've started moving our documentation to https://securityonion.net/docs!  Please let us know if anything needs to be updated.

Support
Need support?  Please see:
https://securityonion.net/wiki/Support

Thanks!
