CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-18 06:52:56 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #622 from Security-Onion-Solutions/fix/1.2.2

Browse Source 
Fix/1.2.2
This commit is contained in:
Mike Reeves
2020-05-01 10:47:33 -04:00
committed by GitHub
parent 8b76b30266 aeebc893de
commit cb59d21f5a
7 changed files with 44 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@@ -1,3 +1,13 @@
## Hybrid Hunter Beta 1.2.2 - Beta 1
### Changes:
- Updated Saltstack to 2019.2.4 to address [CVE-2020-11651](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11651)
- Updated Suricata to 4.1.8 to address some possible security issues. Details [here](https://suricata-ids.org/2020/04/28/suricata-4-1-8-released/).
- Fixed an issue that was preventing Strelka to function properly.
- ISO installs should now use the built in docker containers instead of re-downloading them.
## Hybrid Hunter Beta 1.2.1 - Beta 1 ## Hybrid Hunter Beta 1.2.1 - Beta 1
### Changes: ### Changes:

2
VERSION
View File

@@ -1 +1 @@
1.2.1 1.2.2

30
salt/soc/files/kratos/kratos.yaml
View File

@@ -6,6 +6,13 @@ selfservice:
password: password:
enabled: true enabled: true
settings:
privileged_session_max_age: 1m
after:
profile:
hooks:
- hook: verify
verify: verify:
return_to: https://{{ WEBACCESS }}/ return_to: https://{{ WEBACCESS }}/
@@ -14,29 +21,14 @@ selfservice:
login: login:
request_lifespan: 10m request_lifespan: 10m
after:
password:
-
job: session
-
job: redirect
config:
default_redirect_url: https://{{ WEBACCESS }}/
allow_user_defined_redirect: true
registration: registration:
request_lifespan: 10m request_lifespan: 10m
after: after:
password: password:
- hooks:
job: verify - hook: session
- - hook: verify
job: session
-
job: redirect
config:
default_redirect_url: https://{{ WEBACCESS }}/
allow_user_defined_redirect: true
log: log:
level: debug level: debug
@@ -58,7 +50,7 @@ urls:
public: https://{{ WEBACCESS }}/auth/ public: https://{{ WEBACCESS }}/auth/
admin: https://{{ WEBACCESS }}/kratos/ admin: https://{{ WEBACCESS }}/kratos/
default_return_to: https://{{ WEBACCESS }}/ default_return_to: https://{{ WEBACCESS }}/
whitelisted_return_to_domains: whitelisted_return_to_urls:
- http://127.0.0.1 - http://127.0.0.1
hashers: hashers:

7
salt/soc/files/soc/changes.json
View File

@@ -1,6 +1,11 @@
{ {
"title": "Introducing Hybrid Hunter 1.2.1 Beta 1", "title": "Introducing Hybrid Hunter 1.2.2 Beta 1",
"changes": [ "changes": [
{ "summary": "Saltstack has been upgraded to 2019.2.4 to address CVE-2020-11651." },
{ "summary": "Updated Suricata to 4.1.8 to address some possible security issues." },
{ "summary": "Fixed an issue that was preventing Strelka to function properly." },
{ "summary": "ISO installs should now use the built in docker containers instead of re-downloading them." },
{ "summary": "Full support for Ubuntu 18.04. 16.04 is no longer supported for Hybrid Hunter." }, { "summary": "Full support for Ubuntu 18.04. 16.04 is no longer supported for Hybrid Hunter." },
{ "summary": "Introduction of the Security Onion Console. Once logged in you are directly taken to the SOC." }, { "summary": "Introduction of the Security Onion Console. Once logged in you are directly taken to the SOC." },
{ "summary": "New authentication using Kratos." }, { "summary": "New authentication using Kratos." },

8
salt/strelka/init.sls
View File

@@ -72,7 +72,7 @@ strelka_gatekeeper:
strelka_frontend: strelka_frontend:
docker_container.running: docker_container.running:
- image: {{ MASTER }}:5000/soshybridhunter/so-strelka-frontend:HH1.2.1 - image: {{ MASTER }}:5000/soshybridhunter/so-strelka-frontend:{{ VERSION }}
- binds: - binds:
- /opt/so/conf/strelka/frontend/:/etc/strelka/:ro - /opt/so/conf/strelka/frontend/:/etc/strelka/:ro
- /nsm/strelka/log/:/var/log/strelka/:rw - /nsm/strelka/log/:/var/log/strelka/:rw
@@ -84,7 +84,7 @@ strelka_frontend:
strelka_backend: strelka_backend:
docker_container.running: docker_container.running:
- image: {{ MASTER }}:5000/soshybridhunter/so-strelka-backend:HH1.2.1 - image: {{ MASTER }}:5000/soshybridhunter/so-strelka-backend:{{ VERSION }}
- binds: - binds:
- /opt/so/conf/strelka/backend/:/etc/strelka/:ro - /opt/so/conf/strelka/backend/:/etc/strelka/:ro
- /opt/so/conf/strelka/backend/yara:/etc/yara/:ro - /opt/so/conf/strelka/backend/yara:/etc/yara/:ro
@@ -94,7 +94,7 @@ strelka_backend:
strelka_manager: strelka_manager:
docker_container.running: docker_container.running:
- image: {{ MASTER }}:5000/soshybridhunter/so-strelka-manager:HH1.2.1 - image: {{ MASTER }}:5000/soshybridhunter/so-strelka-manager:{{ VERSION }}
- binds: - binds:
- /opt/so/conf/strelka/manager/:/etc/strelka/:ro - /opt/so/conf/strelka/manager/:/etc/strelka/:ro
- name: so-strelka-manager - name: so-strelka-manager
@@ -102,7 +102,7 @@ strelka_manager:
strelka_filestream: strelka_filestream:
docker_container.running: docker_container.running:
- image: {{ MASTER }}:5000/soshybridhunter/so-strelka-filestream:HH1.2.1 - image: {{ MASTER }}:5000/soshybridhunter/so-strelka-filestream:{{ VERSION }}
- binds: - binds:
- /opt/so/conf/strelka/filestream/:/etc/strelka/:ro - /opt/so/conf/strelka/filestream/:/etc/strelka/:ro
- /nsm/strelka:/nsm/strelka - /nsm/strelka:/nsm/strelka

22
setup/so-functions
View File

@@ -17,7 +17,7 @@
SCRIPTDIR=$(dirname "$0") SCRIPTDIR=$(dirname "$0")
source $SCRIPTDIR/so-whiptail source $SCRIPTDIR/so-whiptail
SOVERSION=1.2.1 SOVERSION=1.2.2
accept_salt_key_local() { accept_salt_key_local() {
echo "Accept the key locally on the master" >> $SETUPLOG 2>&1 echo "Accept the key locally on the master" >> $SETUPLOG 2>&1
@@ -818,10 +818,10 @@ install_master() {
else else
if [ $OSVER != "xenial" ]; then if [ $OSVER != "xenial" ]; then
apt-get install -y salt-common=2019.2.3+ds-1 salt-master=2019.2.3+ds-1 salt-minion=2019.2.3+ds-1 libssl-dev python-m2crypto apt-get install -y salt-common=2019.2.4+ds-1 salt-master=2019.2.4+ds-1 salt-minion=2019.2.4+ds-1 libssl-dev python-m2crypto
apt-mark hold salt-common salt-master salt-minion apt-mark hold salt-common salt-master salt-minion
else else
apt-get install -y salt-common=2019.2.3+ds-1 salt-master=2019.2.3+ds-1 salt-minion=2019.2.3+ds-1 libssl-dev python-m2crypto apt-get install -y salt-common=2019.2.4+ds-1 salt-master=2019.2.4+ds-1 salt-minion=2019.2.4+ds-1 libssl-dev python-m2crypto
apt-mark hold salt-common salt-master salt-minion apt-mark hold salt-common salt-master salt-minion
fi fi
fi fi
@@ -1233,17 +1233,17 @@ EOF
fi fi
yum clean expire-cache yum clean expire-cache
yum -y install epel-release salt-minion-2019.2.3 yum-utils device-mapper-persistent-data lvm2 openssl jq yum -y install epel-release salt-minion-2019.2.4 yum-utils device-mapper-persistent-data lvm2 openssl jq
yum -y update exclude=salt* yum -y update exclude=salt*
systemctl enable salt-minion systemctl enable salt-minion
if [ $INSTALLTYPE == 'MASTER' ] || [ $INSTALLTYPE == 'EVAL' ] || [ $INSTALLTYPE == 'HELIXSENSOR' ] || [ $INSTALLTYPE == 'MASTERSEARCH' ]; then if [ $INSTALLTYPE == 'MASTER' ] || [ $INSTALLTYPE == 'EVAL' ] || [ $INSTALLTYPE == 'HELIXSENSOR' ] || [ $INSTALLTYPE == 'MASTERSEARCH' ]; then
yum -y install salt-master-2019.2.3 python3 python36-m2crypto salt-minion-2019.2.3 python36-dateutil python36-mysql python36-docker yum -y install salt-master-2019.2.4 python3 python36-m2crypto salt-minion-2019.2.4 python36-dateutil python36-mysql python36-docker
systemctl enable salt-master systemctl enable salt-master
elif [ $INSTALLTYPE == 'FLEET' ]; then elif [ $INSTALLTYPE == 'FLEET' ]; then
yum -y install salt-minion-2019.2.3 python3 python36-m2crypto python36-dateutil python36-docker python36-mysql yum -y install salt-minion-2019.2.4 python3 python36-m2crypto python36-dateutil python36-docker python36-mysql
else else
yum -y install salt-minion-2019.2.3 python3 python36-m2crypto python36-dateutil python36-docker yum -y install salt-minion-2019.2.4 python3 python36-m2crypto python36-dateutil python36-docker
fi fi
echo "exclude=salt*" >> /etc/yum.conf echo "exclude=salt*" >> /etc/yum.conf
@@ -1298,11 +1298,11 @@ EOF
# Initialize the new repos # Initialize the new repos
apt-get update >> $SETUPLOG 2>&1 apt-get update >> $SETUPLOG 2>&1
if [ $OSVER != "xenial" ]; then if [ $OSVER != "xenial" ]; then
apt-get -y install salt-minion=2019.2.3+ds-1 salt-common=2019.2.3+ds-1 python3-dateutil python3-m2crypto sqlite3 argon2 curl jq openssl >> $SETUPLOG 2>&1 apt-get -y install salt-minion=2019.2.4+ds-1 salt-common=2019.2.4+ds-1 python3-dateutil python3-m2crypto sqlite3 argon2 curl jq openssl >> $SETUPLOG 2>&1
apt-mark hold salt-minion salt-common apt-mark hold salt-minion salt-common
else else
# Need to add python packages here # Need to add python packages here
apt-get -y install salt-minion=2019.2.3+ds-1 salt-common=2019.2.3+ds-1 python-dateutil python-m2crypto sqlite3 argon2 curl jq openssl >> $SETUPLOG 2>&1 apt-get -y install salt-minion=2019.2.4+ds-1 salt-common=2019.2.4+ds-1 python-dateutil python-m2crypto sqlite3 argon2 curl jq openssl >> $SETUPLOG 2>&1
apt-mark hold salt-minion salt-common apt-mark hold salt-minion salt-common
fi fi
else else
@@ -1329,11 +1329,11 @@ EOF
# Initialize the new repos # Initialize the new repos
apt-get update >> $SETUPLOG 2>&1 apt-get update >> $SETUPLOG 2>&1
if [ $OSVER != "xenial" ]; then if [ $OSVER != "xenial" ]; then
apt-get -y install salt-minion=2019.2.3+ds-1 salt-common=2019.2.3+ds-1 python3-dateutil python3-m2crypto >> $SETUPLOG 2>&1 apt-get -y install salt-minion=2019.2.4+ds-1 salt-common=2019.2.4+ds-1 python3-dateutil python3-m2crypto >> $SETUPLOG 2>&1
apt-mark hold salt-minion salt-common apt-mark hold salt-minion salt-common
else else
# Need to add python packages here # Need to add python packages here
apt-get -y install salt-minion=2019.2.3+ds-1 salt-common=2019.2.3+ds-1 python-dateutil python-m2crypto >> $SETUPLOG 2>&1 apt-get -y install salt-minion=2019.2.4+ds-1 salt-common=2019.2.4+ds-1 python-dateutil python-m2crypto >> $SETUPLOG 2>&1
apt-mark hold salt-minion salt-common apt-mark hold salt-minion salt-common
fi fi
fi fi

2
upgrade/so-update-functions
View File

@@ -17,7 +17,7 @@
# Set the new SO Version # Set the new SO Version
UPDATEVERSION=1.2.1 UPDATEVERSION=1.2.2
BUILD=HH BUILD=HH
#Determine the current install version #Determine the current install version