A new folder had been created for user-submitted recipes and other contributions and I've added an excellent user-submitted recipe file for installing Suricata and SNEZ on AlmaLinux. While I have not personally tested the instructions, I feel the document is of significant value in helping someone set up an IDS system using SNEZ 4.3, describing some of the more difficult aspects and potential pitfalls perhaps better than I could. It also contains some good suggestions for improving SNEZ that I'll...
SNEZ v3 is being deprecated. Hotfixes will no longer be provided, and all files related to v3 will be deleted sometime after 6/1/2025. SNEZ v4 will be the only version receiving new releases, updates and fixes. Send questions or comments to gene@geneguinter.com
SNEZ 4.3.1 is an optional upgrade. It fixes a few minor documentation issues and updates copyright information. If you are already running 4.3, there is no need to update.
SNEZ 4.3.1 Updates copyright information and fixes documentation issues
Two more Hotfixes were released today. All hotfixes are now in a Hotfix subfolder of 'SNEZ ver4 Downloads' in tar.gz format. A README file there describes all available hotfixes. Also, HF20240101 has been revised and uploaded to correctly expand the 'interface' field everywhere. Reapply it to prevent truncation of the interface field in filters and on the database if your interface name is longer than 10 characters. * Hotfix HF20241013 ******* This fixes problems with the improper reporting of jsonstash...
SNEZ 4.3 renamed SNEZlogger README file
SNEZ 4.3 corrected README-SNEZlogger run instructions
SNEZ 4.3 added SNEZlogger and README-SNEZlogger
SNEZ 4.3 correct instructions in README for upgrades
SNEZ 4.3
SNEZ 4.3 was released today fixing several issues:
- truncated eth interface fields
- truncated alert classification field
- jsonstash skipping alerts containing embedded single quotes and sometimes crashing
- not properly reflecting jsonstash's up/down status on the summary screen
Additionally, a new program, SNEZlogger, is introduced which serves as a simple console alert logger. It reads the json file and formats some basic alert info into a readable form. It can be run from the extracted tar.gz file...
Two hotfixes released today. Both apply to SNEZ 4.x. HF20241001 expands the interface field in the SNEZ config to 16 characters to be compatible with modern Linux kernels. HF20241003 expands the alert classification field in the SNEZ database. Without it, classifications are truncated, which in some cases causes alerts not to be added to the SNEZ database.
Hotfix HF20211010 fixes ownership/permissions in SNEZ 3.7.x (does not apply to SNEZ 4.x). Fixes- files in SNEZ document root may be added or altered if SNEZ or underlying system is otherwise compromised
SNEZ 4.2 was pushed out today to quickly address both an install problem with SNEZ 4.1 and a security issue:
- symlinks for json and archive utilities point to older or non-existent files after install or upgrade to SNEZ 4.1
- improper folder ownership/permissions could result in files being added (not altered) to the document root (currently no known vectors)
SNEZ 4.2
SNEZ 4.2 Correct install.sh makes bad links for json and archive utilities
SNEZ 4.2- tar file packaged with incorrect user/permissions for SNEZ and install directories
Hotfix HF20211006 fixes problems with filter timestamps in version 3.7.x. Significant problems to SNEZ 3.7.x are now addressed through hotfixes only; no new releases. SNEZ 4.x is the current version.
SNEZ 4.1 is a minor maintenance release. Fixes:
- Filters are added with incorrect minutes in the timestamp
- Problem rotating ids json output
- Others: see README for the full list of fixes
SNEZ 4.1 maintenance release- fixes filter timestamp, fixes problems rolling log and json files, removes FreeBSD references
SNEZ 4.1 - minor fix to install instructions in README
SNEZ 4.0 is now the default download. If you still need processing of unified2 output, or Snort(c) 2.x compatibility, you need SNEZ 3.7.4 here- https://sourceforge.net/projects/snez/files/SNEZ%20v3%20downloads/SNEZ-3.7.4.tar.gz/download Note: Each version has its own README file in the SNEZ v[x] Downloads folders.
SNEZ 4.0 is now the default download. If you still need processing of unified2 output, you need SNEZ 3.7.4 here- https://sourceforge.net/projects/snez/files/SNEZ%20v3%20downloads/SNEZ-3.7.4.tar.gz/download Note: Each version has its own README file in the SNEZ v[x] Downloads folders.
SNEZ 4.0 has been released, with the following goals in mind:
- shorten the testing window, providing for faster release of new code
- be less distro-dependent
- allow for better adherence to file hierarchy standards or special install requirements
- allow install on a device apart from the IDS/IPS platform (i.e., run on a dedicated machine or VM)
Some features have been removed:
- unified2 compatibility (third-party unified2 to JSON file conversion tools are available)
- Snort(c) 2.x compatibility (V3 has...
SNEZ 4.0 Initial Commit
SNEZ 3.7.4 is a minor maintenance release:
- corrects jsonreader extraneous lines
- corrects an error with warn flag descriptions if filters are suppressed
SNEZ 3.7.4
SNEZ 3.7.3 is a minor maintenance release:
- corrects install doc for use with Snort(c) 3.x
- uses correct path when checking if Snort(c) 3.x is running
- corrects an error with warn flag descriptions
SNEZ 3.7.3
Having tested against the GA of Snort 3, some additional requirements have come to light. The following is necessary to run with Snort 3, pending fixes and/or better documentation in future maintenance releases:
- Start Snort with the -y option to include the year in output. SNEZ will not work properly without this.
- The json reader function (jsonreader.php) will not produce any output unless:
  usermod -a -G snort apache (or www-data, etc., depending on the apache user for your system)
  chmod g+x /var/log/snort...
SNEZ 3.7.2 Fixes- killjsonstash and SNEZtcpdump.php leaves child processes
SNEZ 3.7.2 - kill tcpdump doesn't work depending on length of pid
SNEZ 3.7.2 fix issues with last commit
SNEZ 3.7.2 - fix uninstall not removing /var/log/snez if archives there
SNEZ 3.7.1 - fix page help, deprecate mdl update, copyright info for 2021
Experimental .deb and .rpm install instructions incorrect- wrong path
Analyze view doesn’t show items marked with a custom warn flag