<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2180921&amp;fmt=gif">

SELKS5 RC1 - Threat Hunting and more...

Hi!
Yet another upgrade of our SELKS. We are very thankful to all the great  Open Source projects and tools for making it possible to showcase Suricata with our new distro.
Features and fixes post SELKS 5 Beta :

  • Elasticsearch 6.5.3
  • Logstash 6.5.3
  • Kibana 6.5.3
  • Moloch 1.6.2  -  The new SELKS makes use of Moloch and Moloch viewer to parse and view the full packet capture done by Suricata. Moloch comes with an arsenal of tools and features on its own like:
    • CyberChef
    • Extremely flexible and easy to use interface for FPC drill down, filtering,search and pcap export
  • Scirius 3.1.0 CE
      • Administration, ruleset and threat hunting management
      • Blazing fast drill down and search capability through millions of events with milliseconds response time
      • Easy filter and grouping of alerts
      • Any field and action is selectable and searchable
      • Select or negate filter
      • Order and set up your own threat hunting dashboard in seconds with drag and drop functionality

     

    Scirus Alerting rules event details
    Scirus Alerting rules event details

     

  • Suricata  - always latest git edition and features available.
  • SELKS scripts upgrade
    • available now system wide in "/usr/bin"
    • Full packet Capture retention policy - thanks Joren0494 !
  • Thank you for all the major community contributors form the community
  • Debian - always thankful !
  • EveBox - always the latest and very thankful for your support and extremely fast bug fixing and feature addition

Read more about the features and browse through screenshots of major SELKS 5 release 

SELKS is both Live and installable Network Security Management ISO based on Debian implementing and focusing on a complete and ready to use Suricata IDS/IPS ecosystem with its own graphic rule manager. Stamus Networks is a proud member of the Open Source community and SELKS is released under GPLv3 license.

Download

To download SELKS 5, pick one of the two flavors:

SELKS with desktop
  • HTTP: SELKS-5.0RC1-desktop.iso
  • MD5sum: 192aa38436dcee6c98a6ae36d9e3b7df
  • Sha1sum: f48c0fe1edaaa8817c0a9043cb29e3edee4af93e
  • Sha256sum: 9f55a9ff4ee5c4c3c67646d0d5ae4e343f01f6abaf8e433ee9e3e78426c2f3e7
SELKS without desktop
  • HTTP: SELKS-5.0RC1-nodesktop.iso
  • MD5sum: 27733887bd1ad20c61d9be4973a66074
  • Sha1sum: dde637f8639254879ada06b9b68e691c3c904748
  • Sha256sum: b32370a35785f336d863d763372820ec13987c3a83a974f26d849eb81f721f4f

Usage

You can find the start instruction including the initial setup script usage on SELKS 5.0 wiki page.

SELKS 4 user can upgrade their running systems using the following Upgrade instructions.

 

Feedback is welcome

Any feedback as always is greatly appreciated! :)

Give us feedback and get help on:

While this test upgrade/installation has been verified and tested please make sure you try it in your test/QA set up first.

Thank you!

 

Peter Manev

Peter Manev is the co-founder and chief strategy officer (CSO) at Stamus Networks. He is a member of the executive team at Open Network Security Foundation (OISF). Peter has over 15 years of experience in the IT industry, including enterprise-level IT security practice. He is a passionate user, developer, and explorer of innovative open-source security software, and he is responsible for training as well as quality assurance and testing on the development team of Suricata – the open-source threat detection engine. Peter is a regular speaker and educator on open-source security, threat hunting, and network security at conferences and live-fire cyber exercises, such as Crossed Swords, DeepSec, Troopers, DefCon, RSA, Suricon, SharkFest, and others. Peter resides in Gothenburg, Sweden.

Schedule a Demo of Stamus Security Platform

REQUEST A DEMO

Related posts

Introducing Clear NDR™

At Stamus Networks, we have always been driven by a commitment to openness, transparency, and...

Uncovered: SSP Identifies Massive Breach During Evaluation

For many organizations considering Network Detection and Response (NDR), one of the most valuable...

Uncovered with Stamus Security Platform: Lateral Active Exploits

In this series of articles, we explore a set of use cases that we have encountered in real-world...