CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

merge with dev

Browse Source
This commit is contained in:
m0duspwnens
2021-10-04 10:39:48 -04:00
parent e0c097c270 e6fce4cf3e
commit 96d783b158
11 changed files with 47 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
VERIFY_ISO.md
View File

@@ -1,18 +1,18 @@
### 2.3.70-WAZUH ISO image built on 2021/08/30 ### 2.3.80 ISO image built on 2021/09/27
### Download and Verify ### Download and Verify
2.3.70-WAZUH ISO image: 2.3.80 ISO image:
https://download.securityonion.net/file/securityonion/securityonion-2.3.70-WAZUH.iso https://download.securityonion.net/file/securityonion/securityonion-2.3.80.iso
MD5: CEDEF3C38089896C252F9E3C75F7CB15 MD5: 24F38563860416F4A8ABE18746913E14
SHA1: FB420115C72DABDEB87C8B27F26E862C94628057 SHA1: F923C005F54EA2A17AB225ADA0DA46042707AAD9
SHA256: CC3E75A97163E9CD255DA0D9C3EB11922FA045651827F291025398943C1BC230 SHA256: 8E95D10AF664D9A406C168EC421D943CB23F0D0C1813C6C2DBA9B4E131984018
Signature for ISO image: Signature for ISO image:
https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.70-WAZUH.iso.sig https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.80.iso.sig
Signing key: Signing key:
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma
Download the signature file for the ISO: Download the signature file for the ISO:
``` ```
wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.70-WAZUH.iso.sig wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.80.iso.sig
``` ```
Download the ISO image: Download the ISO image:
``` ```
wget https://download.securityonion.net/file/securityonion/securityonion-2.3.70-WAZUH.iso wget https://download.securityonion.net/file/securityonion/securityonion-2.3.80.iso
``` ```
Verify the downloaded ISO image using the signature file: Verify the downloaded ISO image using the signature file:
``` ```
gpg --verify securityonion-2.3.70-WAZUH.iso.sig securityonion-2.3.70-WAZUH.iso gpg --verify securityonion-2.3.80.iso.sig securityonion-2.3.80.iso
``` ```
The output should show "Good signature" and the Primary key fingerprint should match what's shown below: The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
``` ```
gpg: Signature made Mon 30 Aug 2021 06:13:14 PM EDT using RSA key ID FE507013 gpg: Signature made Mon 27 Sep 2021 08:55:01 AM EDT using RSA key ID FE507013
gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>" gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>"
gpg: WARNING: This key is not certified with a trusted signature! gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner. gpg: There is no indication that the signature belongs to the owner.

2
VERSION
View File

@@ -1 +1 @@
2.3.80 2.3.90

7
salt/common/init.sls
View File

@@ -107,10 +107,17 @@ commonpkgs:
heldpackages: heldpackages:
pkg.installed: pkg.installed:
- pkgs: - pkgs:
{% if grains['oscodename'] == 'bionic' %}
- containerd.io: 1.4.4-1 - containerd.io: 1.4.4-1
- docker-ce: 5:20.10.5~3-0~ubuntu-bionic - docker-ce: 5:20.10.5~3-0~ubuntu-bionic
- docker-ce-cli: 5:20.10.5~3-0~ubuntu-bionic - docker-ce-cli: 5:20.10.5~3-0~ubuntu-bionic
- docker-ce-rootless-extras: 5:20.10.5~3-0~ubuntu-bionic - docker-ce-rootless-extras: 5:20.10.5~3-0~ubuntu-bionic
{% elif grains['oscodename'] == 'focal' %}
- containerd.io: 1.4.9-1
- docker-ce: 5:20.10.8~3-0~ubuntu-focal
- docker-ce-cli: 5:20.10.5~3-0~ubuntu-focal
- docker-ce-rootless-extras: 5:20.10.5~3-0~ubuntu-focal
{% endif %}
- hold: True - hold: True
- update_holds: True - update_holds: True

2
salt/common/tools/sbin/so-firewall
View File

@@ -71,7 +71,7 @@ def checkApplyOption(options):
def loadYaml(filename): def loadYaml(filename):
file = open(filename, "r") file = open(filename, "r")
return yaml.load(file.read()) return yaml.safe_load(file.read())
def writeYaml(filename, content): def writeYaml(filename, content):
file = open(filename, "w") file = open(filename, "w")

4
salt/elastalert/init.sls
View File

@@ -111,13 +111,13 @@ so-elastalert:
- image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-elastalert:{{ VERSION }} - image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-elastalert:{{ VERSION }}
- hostname: elastalert - hostname: elastalert
- name: so-elastalert - name: so-elastalert
- user: elastalert - user: so-elastalert
- detach: True - detach: True
- binds: - binds:
- /opt/so/rules/elastalert:/opt/elastalert/rules/:ro - /opt/so/rules/elastalert:/opt/elastalert/rules/:ro
- /opt/so/log/elastalert:/var/log/elastalert:rw - /opt/so/log/elastalert:/var/log/elastalert:rw
- /opt/so/conf/elastalert/modules/:/opt/elastalert/modules/:ro - /opt/so/conf/elastalert/modules/:/opt/elastalert/modules/:ro
- /opt/so/conf/elastalert/elastalert_config.yaml:/opt/config/elastalert_config.yaml:ro - /opt/so/conf/elastalert/elastalert_config.yaml:/opt/elastalert/config.yaml:ro
- extra_hosts: - extra_hosts:
- {{MANAGER_URL}}:{{MANAGER_IP}} - {{MANAGER_URL}}:{{MANAGER_IP}}
- require: - require:

6
salt/mysql/init.sls
View File

@@ -22,7 +22,11 @@ mysqlpkgs:
- skip_suggestions: False - skip_suggestions: False
- pkgs: - pkgs:
{% if grains['os'] != 'CentOS' %} {% if grains['os'] != 'CentOS' %}
- python-mysqldb {% if grains['oscodename'] == 'bionic' %}
- python3-mysqldb
{% elif grains['oscodename'] == 'focal' %}
- python3-mysqldb
{% endif %}
{% else %} {% else %}
- MySQL-python - MySQL-python
{% endif %} {% endif %}

7
salt/salt/init.sls
View File

@@ -2,8 +2,13 @@
saltpymodules: saltpymodules:
pkg.installed: pkg.installed:
- pkgs: - pkgs:
- python-docker {% if grains['oscodename'] == 'bionic' %}
- python-m2crypto - python-m2crypto
- python-docker
{% elif grains['oscodename'] == 'focal' %}
- python3-m2crypto
- python3-docker
{% endif %}
{% endif %} {% endif %}
salt_bootstrap: salt_bootstrap:

4
salt/salt/scripts/bootstrap-salt.sh
View File

@@ -3082,7 +3082,11 @@ install_ubuntu_git_deps() {
__PACKAGES="${__PACKAGES} python3-setuptools" __PACKAGES="${__PACKAGES} python3-setuptools"
else else
# There is no m2crypto package for Py3 at this time - only install for Py2 # There is no m2crypto package for Py3 at this time - only install for Py2
if [ $DISTRO_CODENAME == "focal" ]; then
__PACKAGES="${__PACKAGES} python3-m2crypto"
else
__PACKAGES="${__PACKAGES} python-m2crypto" __PACKAGES="${__PACKAGES} python-m2crypto"
fi
fi fi
__PACKAGES="${__PACKAGES} python${PY_PKG_VER}-crypto python${PY_PKG_VER}-jinja2" __PACKAGES="${__PACKAGES} python${PY_PKG_VER}-crypto python${PY_PKG_VER}-jinja2"

4
salt/ssl/init.sls
View File

@@ -42,7 +42,11 @@ m2cryptopkgs:
pkg.installed: pkg.installed:
- skip_suggestions: False - skip_suggestions: False
- pkgs: - pkgs:
{% if grains['oscodename'] == 'bionic' %}
- python-m2crypto - python-m2crypto
{% elif grains['oscodename'] == 'focal' %}
- python3-m2crypto
{% endif %}
{% endif %} {% endif %}
removefbcertdir: removefbcertdir:

9
setup/so-functions
View File

@@ -1104,8 +1104,8 @@ detect_os() {
OS=ubuntu OS=ubuntu
if grep -q "UBUNTU_CODENAME=bionic" /etc/os-release; then if grep -q "UBUNTU_CODENAME=bionic" /etc/os-release; then
OSVER=bionic OSVER=bionic
elif grep -q "UBUNTU_CODENAME=xenial" /etc/os-release; then elif grep -q "UBUNTU_CODENAME=focal" /etc/os-release; then
OSVER=xenial OSVER=focal
else else
echo "We do not support your current version of Ubuntu." echo "We do not support your current version of Ubuntu."
exit 1 exit 1
@@ -2159,9 +2159,12 @@ saltify() {
else else
DEBIAN_FRONTEND=noninteractive retry 50 10 "apt-get -y -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\" upgrade" >> "$setup_log" 2>&1 || exit 1 DEBIAN_FRONTEND=noninteractive retry 50 10 "apt-get -y -o Dpkg::Options::=\"--force-confdef\" -o Dpkg::Options::=\"--force-confold\" upgrade" >> "$setup_log" 2>&1 || exit 1
if [ $OSVER != "xenial" ]; then if [ $OSVER == "bionic" ]; then
# Switch to Python 3 as default if this is not xenial # Switch to Python 3 as default if this is not xenial
update-alternatives --install /usr/bin/python python /usr/bin/python3.6 10 >> "$setup_log" 2>&1 update-alternatives --install /usr/bin/python python /usr/bin/python3.6 10 >> "$setup_log" 2>&1
elif [ $OSVER == "focal" ]; then
# Switch to Python 3 as default if this is not xenial
update-alternatives --install /usr/bin/python python /usr/bin/python3.8 10 >> "$setup_log" 2>&1
fi fi
local pkg_arr=( local pkg_arr=(

BIN
sigs/securityonion-2.3.80.iso.sig Normal file
View File

Binary file not shown.