Security Onion Blog

Wednesday, January 22, 2025

Coming soon to Security Onion: Local IP Lookups!

Our upcoming Security Onion 2.4.120 release includes a new local IP lookup feature! This allows you to define local descriptions for important IP addresses in your environment. This is useful for IP addresses that don't have a reverse DNS entry or for when you want to override the reverse DNS entry with a custom value. 


When you are viewing IP addresses in Security Onion Console (SOC) with reverse lookups enabled, SOC will check the local mappings first. If it doesn’t find a match, then it will attempt a reverse DNS lookup. The lookup will be displayed to the right of the IP address. For example:


Security Onion 2.4.120 is coming soon!

at
Labels: , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Search This Blog

Featured Post

Quick Malware Analysis: SMARTAPESG / NETSUPPORT RAT / STEALC pcap from 2025-02-18

Thanks to Brad Duncan for sharing this pcap from 2025-02-18 on his malware traffic analysis site! Due to issues with Google flagging a warni...

Popular Posts

  • Security Onion 2.4 Base OS
    Introduction Recent events have forced us to change course on the base operating system (OS) for Security Onion 2.4.  On 6/21/2023, Red Hat ...
  • Security Advisory for Squert
    Introduction Jeffrey Medsger reported several command injection and SQL injection vulnerabilities in Squert.  Wes Lambert also discovered s...
  • Community Webinars featuring Security Onion
    Thanks to all who attended the Zeek webinar on May 27! For those weren't able to join, the recording should be available soon and we wi...

Blog Archive