[Oisf-users] Rust enabled Suricata 4.1 beta1 packages are available as well on our Ubuntu PPA
Peter Manev
petermanev at gmail.com
Wed Mar 28 15:02:14 UTC 2018
Hi ,
RUST enabled Suricata 4.1 beta1 packages are available as well now for
Ubuntu on Ubuntu PPA (Launchpad) - for testing and feedback.
If you would like to enable and try the new features like for example full
SMB support and fileextraction - here is a quick how to from our
experimental repo:
add-apt-repository ppa:oisf/suricata-rust-experimental
apt-get update && apt-get install suricata
That repo includes experimental Rust enabled Suricata packages
- 14.04 Trusty
- 16.04 Xenial
- 17.10 Artful
- 18.04 Bionic
32 and 64 bit packages available with the following architectures -
- amd64
- i386
Some of the new additions in 4.1 beta1 include (available in the package)
the tools:
- suricata-update
<http://suricata.readthedocs.io/en/latest/rule-management/suricata-update.html#rule-management-with-suricata-update>
- suricatactl (for use with filestore v2
<https://github.com/OISF/suricata/blob/master/suricata.yaml.in#L456>)
You can also get some help of how to use the tools by doing
"suricata-update -h" or "suricatactl -h"
The packages are build-in with:
- *IPS (nfqueue) *
-
*All JSON output
<http://suricata.readthedocs.io/en/suricata-4.0.4/output/eve/eve-json-output.html>
*
- *GeoIP*
<https://redmine.openinfosecfoundation.org/projects/suricata/wiki/GeoIP>
- *Unix-Socket*
<http://suricata.readthedocs.io/en/suricata-4.0.4/unix-socket.html?highlight=unix%20socket>
- *Lua scripting*
<http://suricata.readthedocs.io/en/suricata-4.0.4/rules/rule-lua-scripting.html?highlight=lua%20scripting>
- *NSS(MD5) enabled*
<http://suricata.readthedocs.io/en/suricata-4.0.4/file-extraction/md5.html?highlight=MD5>
- *PIE - Position Independent Executable *
-
*Redis enabled support *
The Ubuntu
- 18.04 Bionic
- 17.10 Artful
distribution packages are with Hyperscan enabled by default for extra
performance.
(Your CPU needs to have the SSSE3 flag. You can check with - cat
/proc/cpuinfo)
By community request there is also available "suricata-dbg" (Suricata with
enabled debug features) package ready to use out of the box install:
"sudo apt-get install suricata-dbg".
Suricata 4.1 beta1 is available from our *suricata-rust-experimental* PPA
repository.
More about Suricata 4.1 beta1 features and bug fixes:
https://suricata-ids.org/2018/03/23/suricata-41beta1-ready-for-testing/
How to:
https://redmine.openinfosecfoundation.org/projects/suricata/
wiki/Ubuntu_Installation_-_Personal_Package_Archives_%28PPA%29
Testing and feedback is welcome!
--
Regards,
Peter Manev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180328/46c74882/attachment.html>
More information about the Oisf-users
mailing list