Security Onion 16.04.6.1 is now available!
Major Changes Since Last ISO Image
- Elastic 6.7.2
- CyberChef 8.31.3
- Suricata 4.1.4
- Wazuh 3.8.2
- now includes a static copy of our new Documentation
- now includes our Cheat Sheet PDF
- so-import-pcap handles many more use cases and can now run Setup for you if necessary
- new PCAP samples in /opt/samples/mta/
- Setup now configures Bro and Suricata for AF_PACKET by default
- fixed lots of bugs!
Thanks
Thanks to the following for testing this ISO image!
- Wes Lambert
- Dustin Lee
- Bryant Treacle
Issues Resolved
For a list of all issues resolved in this release, please see:
https://github.com/Security-Onion-Solutions/security-onion/projects/6
Release Notes
For more information about this release, please see:
https://securityonion.net/docs/release-notes.html
Installation Guide
We've updated the Installation guide to reflect the download locations for the new ISO image:
https://securityonion.net/docs/installation.html
Existing Deployments
If you have existing 16.04 installations, there is no need to download the new ISO image. You can simply continue using our standard update process to install updated packages as they are made available:
https://securityonion.net/docs/Upgrade
If you have existing installations of Security Onion 14.04, you can upgrade from 14.04 to 16.04:
https://securityonion.net/docs/upgrading-from-14.04-to-16.04.html
Conference
Please mark your calendar! Security Onion Conference 2019 will be on Friday, October 4, 2019 and registration will open July 18! CFP is open now and we want to hear from you!
https://blog.securityonion.net/2019/04/security-onion-conference-2019-cfp.html
Training
We have 4-day Security Onion Training classes coming up in Costa Mesa CA and Columbia MD! Use promotional code earlybird for 10% off the Columbia MD classes for a limited time. If you can't make it to an onsite class, we have a new online training platform. For more information and other training options, please see:
https://securityonionsolutions.com
Appliances
We now offer hardware appliances! For more information, please see:
https://blog.securityonion.net/2018/10/introducing-security-onion-solutions.html
Documentation
We've got a brand new documentation site! Please let us know if anything needs to be updated:
https://securityonion.net/docs
Support
Need support? Please see:
https://securityonion.net/docs/Support
Screenshot Tour
- ISO Boot Menu
- Once the Live Desktop appears, double-click the Install icon and follow the prompts
- Once you've completed the installer and rebooted, log in using the username and password you created in the installer
- After logging in, you are prompted to run Setup
- Setup Wizard
- Configure network interfaces, reboot, then log back in
- You are then prompted to run Setup again to continue to the second phase of Setup
- Skip network configuration to go to service configuration
- Evaluation Mode vs Production Mode
- Monitoring Interface Selection
- Create Username
- Create Password
- Confirm Password
- Confirm all options
- Setup Complete
- Desktop no longer prompts to run Setup
- The README shortcut includes links to the cheat sheet and online and offline documentation
- CyberChef 8.31.3
- Single Sign On (SSO for Squert, CapMe, and Kibana)
- Review IDS alerts using Squert
- Retrieve full packet capture with CapMe
- Kibana Overview
- If you want to change from dark dashboards to light, you can run so-elastic-configure-kibana-dashboards-light
- Light dashboards
- If you want to switch back to dark dashboards, you can run so-elastic-configure-kibana-dashboards-dark
- Back to dark dashboards
- Help
- Bro Notices
- ElastAlert
- HIDS Alerts from Wazuh (OSSEC)
- NIDS Alerts from Snort or Suricata
- Bro Connections
- Bro DCE/RPC
- Bro DHCP
- Bro DNP3
- Bro DNS
- Bro Files
- Bro FTP
- Bro HTTP
- Bro Intel
- Bro IRC
- Bro Kerberos
- Bro Modbus
- Bro MySQL
- Bro NTLM
- Bro PE
- Bro RADIUS
- Bro RDP
- Bro RFB
- Bro SIP
- Bro SMB
- Bro SMTP
- Bro SNMP
- Bro Software
- Bro SSH
- Bro SSL
- Bro Syslog
- Bro Tunnels
- Bro Weird
- Bro X.509
- Autoruns
- Beats
- OSSEC (Wazuh) Logs
- Sysmon
- Domain Stats
- Firewall
- Frequency Analysis
- Syslog