PF_RING 5.6.1, Snort 2.9.5.3, and Suricata 1.4.5 packages now available
By Security Onion, [2013-09-03] at 13:37:28
Presentation:

The following software was recently released:

- PF_RING 5.6.1
  http://sourceforge.net/projects/ntop/files/PF_RING
- Snort 2.9.5.3
  http://blog.snort.org/2013/07/snort-2953-is-now-available.html
- Suricata 1.4.5
  http://suricata-ids.org/2013/07/26/suricata-1-4-5-released

I've packaged these new releases and the new packages have been tested by David Zawdie. Thanks, David!

Upgrading

The new packages are now available in our stable repo. Please see our Upgrade page for full upgrade instructions:
https://code.google.com/p/security-onion/wiki/Upgrade

These updates will do the following:

- stop all NSM sensor processes
- terminate any remaining processes using PF_RING
- remove the existing PF_RING module
- build the new PF_RING module
- start all NSM sensor processes
- back up each of your existing snort.conf files to snort.conf.bak
- update Snort
- back up each of your existing suricata.yaml files to suricata.yaml.bak
- update Suricata

You'll then need to do the following:

- apply your local customizations to the new snort.conf or suricata.yaml files
- update ruleset and restart Snort/Suricata as follows:
    sudo rule-update

Notes

One change that I've made to our normal Snort config is the PF_RING clustermode. Previously, Snort would default to clustermode 2, meaning that PF_RING would hash each stream to a particular Snort instance based solely on src and dst IP. So let's say you have multiple Snort instances in a PF_RING cluster and you run a series of "curl testmyids.com" tests. Each and every "curl testmyids.com" would be sent to the SAME Snort instance since the src and dst IP never change. With the new clustermode 4, the Snort instance would be selected based on src/dst IP and src/dst port. So each time you do "curl testmyids.com" it will go to a different Snort instance in the PF_RING cluster. This results in more effective load balancing.
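The difference between the two cluster modes can be modelled in a few lines. This is an added example, not code from Security Onion or PF_RING: only the choice of fields per mode comes from the post, while the sum-modulo hash, the field names and the sample addresses are assumptions made for illustration.

```python
import ipaddress
from collections import Counter

# Fields that take part in instance selection, per the post's description.
# The mode numbers are the post's; the hash below is a simplified model.
MODE_FIELDS = {
    2: ("src_ip", "dst_ip"),
    4: ("src_ip", "dst_ip", "src_port", "dst_port"),
}

def pick_instance(flow, clustermode, instances):
    """Return the index of the sensor instance that receives this flow."""
    total = 0
    for field in MODE_FIELDS[clustermode]:
        value = flow[field]
        if field.endswith("_ip"):
            value = int(ipaddress.ip_address(value))
        total += value
    # A sum is direction-independent, so client->server and server->client
    # packets of one connection reach the same instance.
    return total % instances

def reverse(flow):
    """Same connection seen in the opposite direction."""
    return {"src_ip": flow["dst_ip"], "dst_ip": flow["src_ip"],
            "src_port": flow["dst_port"], "dst_port": flow["src_port"]}

def distribution(flows, clustermode, instances):
    """Count how many flows each instance receives."""
    return Counter(pick_instance(f, clustermode, instances) for f in flows)

# Constructed sample: eight repeated HTTP requests from one client to one
# server; only the ephemeral source port changes between requests.
SAMPLE_FLOWS = [
    {"src_ip": "192.0.2.10", "dst_ip": "203.0.113.80",
     "src_port": 40000 + i, "dst_port": 80}
    for i in range(8)
]

if __name__ == "__main__":
    for mode in (2, 4):
        counts = distribution(SAMPLE_FLOWS, mode, instances=4)
        print(f"clustermode {mode}: {dict(sorted(counts.items()))}")
```

In both modes every packet of a given connection stays on one instance, so adding ports to the selector spreads separate connections without splitting any single one.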
Screenshots

- [Screenshot: "sudo soup" upgrade process]
- [Screenshot: PF_RING 5.6.1, Snort 2.9.5.3, and Suricata 1.4.5]
- [Screenshot: Updating ruleset and restarting Snort/Suricata using "sudo rule-update"]

Feedback

If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists

Help Wanted

If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers

We especially need help in answering support questions on the mailing list and IRC channel.

Thanks!