Showing posts with label mysql. Show all posts

Tuesday, November 13, 2018

securityonion-sostat - 20120722-0ubuntu0securityonion113 now available for Security Onion 16.04!

securityonion-sostat - 20120722-0ubuntu0securityonion113 is now available and should resolve the following issues:

Issue 1342: soup: improve detection of Docker image updates
https://github.com/Security-Onion-Solutions/security-onion/issues/1342

Issue 1358: soup: initialize MYSQL_DISABLED
https://github.com/Security-Onion-Solutions/security-onion/issues/1358

Thanks
Thanks to Wes Lambert for testing this package!

Updating
Please see the following page for full update instructions:
https://securityonion.net/wiki/Upgrade

Training
We have a 4-day Security Onion training class coming up in San Antonio, Texas!  If you can't make it to this onsite class, we have a new online training platform!  For more information and other training options, please see:
https://securityonionsolutions.com

Appliances
We now offer hardware appliances!  For more information, please see:
https://blog.securityonion.net/2018/10/introducing-security-onion-solutions.html

Support
Need support?  Please see:
https://securityonion.net/wiki/Support

Thanks!

Monday, September 10, 2018

securityonion-setup - 20120912-0ubuntu0securityonion276 now available for Security Onion 16.04!

The following package is now available:
securityonion-setup - 20120912-0ubuntu0securityonion276

This should resolve the following issues:

so-allow: fix verbiage for ES REST Endpoint #1325
https://github.com/Security-Onion-Solutions/security-onion/issues/1325

securityonion-setup: increase MySQL open files limit #1322
https://github.com/Security-Onion-Solutions/security-onion/issues/1322

Screenshots

MySQL open_files_limit

so-allow

Thanks
Thanks to Wes Lambert for updating so-allow and testing this new package!

Updating
Please see the following page for full update instructions:
https://securityonion.net/wiki/Upgrade

Conference
Registration is now open for our annual Security Onion Conference in Augusta GA!
http://socaugusta2018.eventbrite.com/

Training
We have 4-day Security Onion training classes coming up in Maryland and Georgia!  If you can't make it to any of these onsite classes, we have a new online training platform!  For more information and other training options, please see:
https://securityonionsolutions.com

Support
Need support?  Please see:
https://securityonion.net/wiki/Support

Thanks!

Wednesday, August 1, 2018

securityonion-sostat - 20120722-0ubuntu0securityonion108 now available for Security Onion!

For background, please see yesterday's post:
https://blog.securityonion.net/2018/07/mysql-upgrade-errors.html

securityonion-sostat - 20120722-0ubuntu0securityonion108 is now available and should resolve the following issue:

soup: avoid issues with mysql 5.7 and systemd #1283
https://github.com/Security-Onion-Solutions/security-onion/issues/1283

Thanks
Thanks to Wes Lambert for testing this package!

Updating
Please see the following page for full update instructions:
https://securityonion.net/wiki/Upgrade

Please note that if you run the older version of soup to install this new package, then you may still experience the MySQL errors and thus may need to use the workaround here:
https://securityonion.net/wiki/MySQL-Upgrade-Errors

Training
We have 4-day Security Onion training classes coming up in Maryland and Georgia!  If you can't make it to any of these onsite classes, we have a new online training platform!  For more information and other training options, please see:
https://securityonionsolutions.com

Support
Need support?  Please see:
https://securityonion.net/wiki/Support

Thanks!

Tuesday, July 31, 2018

MySQL Upgrade Errors

Ubuntu released new MySQL packages for Ubuntu 16.04 on July 30, 2018:
https://usn.ubuntu.com/3725-1/

If you have a Security Onion 16.04 installation and run soup to install these new MySQL packages, you may see a few error messages. We'll be releasing a new version of soup that will avoid these issues for future MySQL upgrades.  In the meantime, please see the following for more information and workarounds:
https://securityonion.net/wiki/MySQL-Upgrade-Errors

Monday, January 23, 2017

securityonion-elsa-extras - 20151011-1ubuntu1securityonion49 resolves an issue with recent MySQL updates

Ubuntu released new MySQL packages recently:
https://www.ubuntu.com/usn/usn-3174-1/

These packages contain some changes which prevented ELSA from creating new database tables.  I've updated our securityonion-elsa-extras package to set the newly required MySQL permissions and the new package version is as follows:
securityonion-elsa-extras - 20151011-1ubuntu1securityonion49

This should resolve the following issue:

securityonion-elsa-extras: new MySQL packages require changes to elsa user #1065
https://github.com/Security-Onion-Solutions/security-onion/issues/1065

This package has been tested by Wes Lambert.  Thanks, Wes!

Updating
This package is now available in our stable repo.  Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade

Want to show your support for Security Onion?
Security Onion t-shirts are available in our CafePress store!
http://www.cafepress.com/securityonion/11820053

Training
Security Onion Solutions provides onsite, online, and on-demand training.  For more information, please see:
https://securityonionsolutions.com

Conference
Our annual Security Onion Conference will be Friday September 15, 2017:
https://securityonion.net/conference

Support
Need support?  Please see:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Support

Thanks!

Friday, January 20, 2017

Latest MySQL packages may impact ELSA databases

Ubuntu released new MySQL packages yesterday:
https://www.ubuntu.com/usn/usn-3174-1/

These packages contain some changes which may impact ELSA databases.  It is recommended to not install these updates until we can confirm the extent of the changes and any workarounds necessary.

Updates will be posted here as they become available.

UPDATE 2017/01/20 5:00 PM Eastern:
A preliminary ELSA package update has been submitted for testing:
https://groups.google.com/d/topic/security-onion-testing/xHmKLB8kNJg/discussion

UPDATE 2017/01/21 6:09 PM Eastern:
Adding a link to Issue 1065 for tracking:
https://github.com/Security-Onion-Solutions/security-onion/issues/1065

UPDATE 2017/01/23 6:13 AM Eastern:
Published updated ELSA package:
http://blog.securityonion.net/2017/01/securityonion-elsa-extras-20151011.html

Thursday, April 25, 2013

Ubuntu MySQL Updates

Ubuntu recently released updated MySQL packages.  As a reminder, please follow the instructions at the following link to avoid any issues with MySQL updates:
https://code.google.com/p/security-onion/wiki/MySQLUpdates

Wednesday, February 27, 2013

New NSM scripts package now available!

I've updated our NSM scripts to resolve the following issues:

Issue 292: Need cronjob to reload syslog-ng at midnight
Issue 295: Increase sleep value in /etc/init/securityonion.conf
Issue 296: Run snort as non-root user
Issue 297: Run snort/suricata with unique PF_RING cluster-id per interface

Thanks to the following for testing this update!
Matt Gregory
GabrielS
Heine Lysemose

Installation
The new NSM scripts package is now available in our stable repo. You can initiate the update process using the graphical Update Manager or with the following one-liner:
sudo apt-get update && sudo apt-get dist-upgrade

Reminder about MySQL Updates
As a reminder, if you are prompted to install MySQL updates, please see the following for the recommended procedure for updating MySQL:
http://code.google.com/p/security-onion/wiki/MySQLUpdates

Feedback
If you have any questions or problems, please join our mailing list and ask away!
https://code.google.com/p/security-onion/wiki/MailingLists


Wednesday, January 23, 2013

New securityonion-snorby package fixes multiple vulnerabilities


Snorby 2.5.4 was recently released with some vulnerability fixes:
https://github.com/Snorby/snorby/blob/master/ChangeLog.md

I've packaged Snorby 2.5.4 and the new securityonion-snorby package has been tested and confirmed by the following (thanks!):
Scott Runnels
Matt Gregory
Heine Lysemose
David Zawdie


The new package is now available in our stable repo. You can initiate the upgrade process using the graphical Update Manager or using the following one-liner:
sudo apt-get update && sudo apt-get dist-upgrade

Ubuntu recently released some MySQL updates, so you may also be prompted to update MySQL at the same time.  Please see the following for the recommended procedure for updating MySQL:

When the new securityonion-snorby package installs, it should restart Apache and, if Setup has already been run, it should run "bundle exec rake snorby:update" and restart the Snorby worker as follows (you can disregard any "Jammit Warning" messages):

Upgrade Process

Tuesday, March 13, 2012

Security Onion and Ubuntu's MySQL 5.1 update

Ubuntu just released new MySQL packages.  A few things to be aware of for Security Onion users:

  • The update will stop MySQL in order to perform the update.  If sguild is running at the time, it will terminate as soon as MySQL stops.  Once you've successfully completed the update and MySQL is back up and running, you should run the following on your Security Onion server to start sguild:
    sudo nsm_server_ps-start
  • When updating a Security Onion SENSOR (that sends its alerts to a separate Security Onion server), the update will try to start MySQL, but it will hang since port 3306 is already in use (being forwarded to the server over SSH).  You can simply kill the startup since MySQL is currently not used on Security Onion sensors.  On subsequent reboots, MySQL will start up, but when /etc/init/securityonion.conf executes, it will stop MySQL and bring up the SSH tunnel with port 3306 forwarded to the server.

If you have any questions or problems, please send a detailed email to our mailing list.  Thanks!
