Re: IPFire meets Suricata - Call for tester

[Stefan Schantl <stefan.schantl@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 3637 bytes --]

Hello Ville,

thanks for joining the testing team.

There is currently no update from an existing IPFire installation to
the suricata containing one. So you have to create backups, do a fresh
installation and then restore your backups.

If possible and some test hardware is available, please install the
image on a different machine than your productive one.

Best regards,

-Stefan


> Hello,
> 
> Thx for bringing this update!
> 
> Is it ok to update my stable version of ipfire core 126 or should I
> install this suricata version and then use backups to get my data and
> settings back?
> 
> -Ville-
> 
> 
> > On 6 Feb 2019, at 10.58, Stefan Schantl <stefan.schantl(a)ipfire.org>
> > wrote:
> > 
> > Hello list,
> > 
> > today im very happy to announce a new test image with the latest
> > snapshot of the process bringing suricata to all of you.
> > 
> > The image is now hosted and provided by the nightly build feature
> > (a
> > big thanks to Michael for providing this) of IPFire, so if
> > development
> > goes on, every time a new image will be generated and easily can be
> > downloaded.
> > 
> > The latest image always can be grabbed from here:
> > 
> > https://nightly.ipfire.org/next-suricata/latest/x86_64/
> > 
> > Direct link for downloading the ISO image:
> > 
> > https://nightly.ipfire.org/next-suricata/latest/x86_64/ipfire-2.21.x86_64-full-core128.isof
> > 
> > There is currently one known issue, that any kind of snort rules
> > (sourcefire) currenty can not be downloaded, so you have to use the
> > rulesets from emergingthreads for testing. This issue will be fixed
> > with the next image provided by the nightly build service.
> > 
> > Thanks for downloading and testing, as usual please file any bugs
> > to
> > our bugtracker (https://bugzilla.ipfire.org) and share your
> > feedback on
> > this list.
> > 
> > Best regards,
> > 
> > -Stefan
> > 
> > 
> > > Hello list followers,
> > > 
> > > some time ago development for the new implementation of the
> > > Intrusion
> > > Detection functionality in IPFire has been started.
> > > 
> > > The main goal, in a nutshell, was to give IPFire a modern,
> > > feature-
> > > rich 
> > > and user-friendly Intrusion Detection Engine. During this
> > > progress,
> > > the
> > > detection framework has been replaced - now suricata is used
> > > instead
> > > of
> > > snort.
> > > 
> > > Suricata uses a very modern and multi-threaded detection engine
> > > with
> > > support to perform actions on malicious traffic. So it provides
> > > the
> > > functionality of detecting any kind of intrusion attempts and the
> > > ability of guardian to block them under the same hood.
> > > 
> > > It was a lot of work, but finaly I'm happy to announce the first
> > > test
> > > version. It is almost feature complete and without any kind of
> > > bigger
> > > issues.
> > > 
> > > Because Intrusion Detection is a key feature of a firewall
> > > system, a
> > > lot of testing is required until the new implementation can
> > > become
> > > part
> > > of IPFire - therefore we need your help!
> > > 
> > > Download the test image (
> > > https://people.ipfire.org/~stevee/suricata/Images/), do a lot of
> > > hard
> > > testing and provide your feedback or suggestions on the
> > > develoment
> > > mailing list (
> > > https://lists.ipfire.org/mailman/listinfo/development).
> > > 
> > > If you find any bugs please file them in the IPFire Bugtracker (
> > > https://bugzilla.ipfire.org/).
> > > 
> > > Many thanks in advance,
> > > 
> > > -Stefan

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]