CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into kilo

Browse Source
This commit is contained in:
Jason Ertel
2021-07-27 14:40:31 -04:00
parent 3a022e7a83 1caa361e22
commit ceb82cb863
6 changed files with 20 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
HOTFIX
View File

@@ -1 +1 @@
STENODOCKER

22
VERIFY_ISO.md
View File

@@ -1,18 +1,18 @@
### 2.3.61 ISO image built on 2021/07/22 ### 2.3.61-STENODOCKER ISO image built on 2021/07/26
### Download and Verify ### Download and Verify
2.3.61 ISO image: 2.3.61-STENODOCKER ISO image:
https://download.securityonion.net/file/securityonion/securityonion-2.3.61.iso https://download.securityonion.net/file/securityonion/securityonion-2.3.61-STENODOCKER.iso
MD5: 538F29F3AB57087FC879108FFC81447C MD5: 10815F1F816E75BF15F331B39CB5EBEC
SHA1: C2239206572CBEB697CFA2A4850A16A54BF5FB0D SHA1: 2D4F4ACA6FBA35563D76C1296A6A774FF73D67FD
SHA256: F5035361B63D1EE8D87CE7B0D8333E521A44453274785B62630CAC76C1BEA929 SHA256: D9C927C07A2B29C0BD93B1349EB750D4E3CF7F553A14D3EF90593BA660936821
Signature for ISO image: Signature for ISO image:
https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.61.iso.sig https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.61-STENODOCKER.iso.sig
Signing key: Signing key:
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma
Download the signature file for the ISO: Download the signature file for the ISO:
``` ```
wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.61.iso.sig wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.61-STENODOCKER.iso.sig
``` ```
Download the ISO image: Download the ISO image:
``` ```
wget https://download.securityonion.net/file/securityonion/securityonion-2.3.61.iso wget https://download.securityonion.net/file/securityonion/securityonion-2.3.61-STENODOCKER.iso
``` ```
Verify the downloaded ISO image using the signature file: Verify the downloaded ISO image using the signature file:
``` ```
gpg --verify securityonion-2.3.61.iso.sig securityonion-2.3.61.iso gpg --verify securityonion-2.3.61-STENODOCKER.iso.sig securityonion-2.3.61-STENODOCKER.iso
``` ```
The output should show "Good signature" and the Primary key fingerprint should match what's shown below: The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
``` ```
gpg: Signature made Thu 22 Jul 2021 10:28:58 AM EDT using RSA key ID FE507013 gpg: Signature made Mon 26 Jul 2021 04:34:58 PM EDT using RSA key ID FE507013
gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>" gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>"
gpg: WARNING: This key is not certified with a trusted signature! gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner. gpg: There is no indication that the signature belongs to the owner.

2
salt/nginx/etc/nginx.conf
View File

@@ -149,7 +149,7 @@ http {
root /opt/socore/html; root /opt/socore/html;
index index.html; index index.html;
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; frame-ancestors 'self'"; add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob: wss:; frame-ancestors 'self'";
add_header X-Frame-Options SAMEORIGIN; add_header X-Frame-Options SAMEORIGIN;
add_header X-XSS-Protection "1; mode=block"; add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;

5
salt/pcap/init.sls
View File

@@ -111,6 +111,7 @@ stenolog:
so-steno: so-steno:
docker_container.{{ STENOOPTIONS.status }}: docker_container.{{ STENOOPTIONS.status }}:
{% if STENOOPTIONS.status == 'running' %}
- image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-steno:{{ VERSION }} - image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-steno:{{ VERSION }}
- start: {{ STENOOPTIONS.start }} - start: {{ STENOOPTIONS.start }}
- network_mode: host - network_mode: host
@@ -126,6 +127,9 @@ so-steno:
- /opt/so/log/stenographer:/var/log/stenographer:rw - /opt/so/log/stenographer:/var/log/stenographer:rw
- watch: - watch:
- file: /opt/so/conf/steno/config - file: /opt/so/conf/steno/config
{% else %} {# if stenographer isn't enabled, then stop and remove the container #}
- force: True
{% endif %}
append_so-steno_so-status.conf: append_so-steno_so-status.conf:
file.append: file.append:
@@ -133,7 +137,6 @@ append_so-steno_so-status.conf:
- text: so-steno - text: so-steno
- unless: grep -q so-steno /opt/so/conf/so-status/so-status.conf - unless: grep -q so-steno /opt/so/conf/so-status/so-status.conf
{% if not STENOOPTIONS.start %} {% if not STENOOPTIONS.start %}
so-steno_so-status.disabled: so-steno_so-status.disabled:
file.comment: file.comment:

2
salt/pcap/map.jinja
View File

@@ -9,7 +9,7 @@
{% endif %} {% endif %}
{% if ENABLED is sameas false %} {% if ENABLED is sameas false %}
{% do STENOOPTIONS.update({'status': 'stopped'}) %} {% do STENOOPTIONS.update({'status': 'absent'}) %}
{% else %} {% else %}
{% do STENOOPTIONS.update({'status': 'running'}) %} {% do STENOOPTIONS.update({'status': 'running'}) %}
{% endif %} {% endif %}

BIN
sigs/securityonion-2.3.61-STENODOCKER.iso.sig Normal file
View File

Binary file not shown.