[Oisf-users] Rust enabled Suricata 4.1 beta1 packages are available as well on our Ubuntu PPA

Peter Manev petermanev at gmail.com
Wed Mar 28 15:02:14 UTC 2018


Hi,

Rust-enabled Suricata 4.1 beta1 packages are now also available for
Ubuntu on the Ubuntu PPA (Launchpad), for testing and feedback.

If you would like to enable and try the new features, for example full
SMB support and file extraction, here is a quick how-to from our
experimental repo:

add-apt-repository ppa:oisf/suricata-rust-experimental
apt-get update && apt-get install suricata

That repo includes experimental Rust-enabled Suricata packages for:

   - 14.04 Trusty
   - 16.04 Xenial
   - 17.10 Artful
   - 18.04 Bionic

32- and 64-bit packages are available for the following architectures:

   - amd64
   - i386

Some of the new additions in 4.1 beta1 include (available in the package)
the tools:

   - suricata-update
   <http://suricata.readthedocs.io/en/latest/rule-management/suricata-update.html#rule-management-with-suricata-update>
   - suricatactl (for use with filestore v2
   <https://github.com/OISF/suricata/blob/master/suricata.yaml.in#L456>)

You can also get some help on how to use the tools by running
"suricata-update -h" or "suricatactl -h".

The packages are built with:

   - IPS (nfqueue)
   - All JSON output
   <http://suricata.readthedocs.io/en/suricata-4.0.4/output/eve/eve-json-output.html>
   - GeoIP
   <https://redmine.openinfosecfoundation.org/projects/suricata/wiki/GeoIP>
   - Unix-Socket
   <http://suricata.readthedocs.io/en/suricata-4.0.4/unix-socket.html?highlight=unix%20socket>
   - Lua scripting
   <http://suricata.readthedocs.io/en/suricata-4.0.4/rules/rule-lua-scripting.html?highlight=lua%20scripting>
   - NSS (MD5) enabled
   <http://suricata.readthedocs.io/en/suricata-4.0.4/file-extraction/md5.html?highlight=MD5>
   - PIE - Position Independent Executable
   - Redis support enabled

The Ubuntu

   - 18.04 Bionic
   - 17.10 Artful

distribution packages have Hyperscan enabled by default for extra
performance.
(Your CPU needs to have the SSSE3 flag. You can check with: cat
/proc/cpuinfo)
By community request, a "suricata-dbg" package (Suricata with debug
features enabled) is also available, ready to install out of the box:
"sudo apt-get install suricata-dbg".

Suricata 4.1 beta1 is available from our suricata-rust-experimental PPA
repository.
More about Suricata 4.1 beta1 features and bug fixes:
https://suricata-ids.org/2018/03/23/suricata-41beta1-ready-for-testing/

How to:
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Ubuntu_Installation_-_Personal_Package_Archives_%28PPA%29

Testing and feedback are welcome!

-- 
Regards,
Peter Manev
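
Added example (not part of the original message or of the OISF packages): a
post-install preflight that confirms the CPU exposes SSSE3 and that the
installed binary reports the features listed above. The "<name> support: yes"
labels assumed for `suricata --build-info` output and all function names are
assumptions of this example.

```shell
#!/bin/sh
# Preflight for the experimental PPA packages (added example).

# cpu_has_flag FLAG [CPUINFO_FILE]
# Whole-word match on the "flags" line only, so a lookup for "sse3"
# is not satisfied by "ssse3" the way a plain substring grep would be.
cpu_has_flag() {
    flag=$1
    file=${2:-/proc/cpuinfo}
    awk -v f="$flag" -F: '
        $1 ~ /^flags[ \t]*$/ {
            n = split($2, a, " ")
            for (i = 1; i <= n; i++) if (a[i] == f) found = 1
        }
        END { exit found ? 0 : 1 }' "$file"
}

# build_has LABEL   (reads build-info text on stdin)
# Succeeds only if a line "LABEL: yes..." is present.
build_has() {
    awk -v want="$1" -F: '
        {
            key = $1; gsub(/^[ \t]+|[ \t]+$/, "", key)
            val = $2; gsub(/^[ \t]+|[ \t]+$/, "", val)
        }
        key == want && val ~ /^yes/ { ok = 1 }
        END { exit ok ? 0 : 1 }'
}

# preflight: run both checks against the local machine.
preflight() {
    info=$(suricata --build-info) || return 2
    for label in "Rust support" "Hyperscan support" "NFQueue support"; do
        if printf '%s\n' "$info" | build_has "$label"; then
            echo "ok:      $label"
        else
            echo "MISSING: $label"
        fi
    done
    cpu_has_flag ssse3 ||
        echo "CPU lacks SSSE3 (needed by the Hyperscan-enabled builds)"
}

if [ "${1:-}" = "--run" ]; then preflight; fi
```

Run it with --run on the sensor after installing the package; without
arguments it only defines the functions.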