Hello Linux Geeksters. As you may know, Suricata is an open source Network IDS, IPS and Network Security Monitoring engine, developed by the Open Information Security Foundation (OISF). The latest version available is Suricata 2.0.5, which has been recently released, coming with the below bug-fixes:
- http_header keyword not matching when SYN|ACK and ACK missing
- EVE output Unix domain socket not working
- Segfault in libhtp 0.5.15
- Filestore keyword parsing issue
- improve stream ‘bad window update’ detection
- improve stream handling of bad SACK values
- fix tcp session reuse for ssh/ssl sessions
- byte_extract, within combination not working
- pcre pkt/flowvar capture broken for non-relative matches
- Invalid rule being processed and loaded
- Flow memuse bookkeeping error
In this article I will show you how to install Suricata 2.0.5 on Ubuntu 14.10 Utopic Unicorn, Ubuntu 14.04 Trusty Tahr, Ubuntu 12.04 Precise Pangolin, Linux Mint 17.1 Rebecca, Linux Mint 17 Qiana, Linux Mint 13 Maya, Pinguy OS 14.04, LXLE 14.04, Elementary OS 0.3 Freya, Elementary OS 0.2 Luna, Deepin 2014, Peppermint Five, LXLE 14.04, Linux Lite 2.0 and other Ubuntu derivative systems.
Because it will be available via PPA soon, installing Suricata 2.0.5 on the listed Ubuntu 14.10, Ubuntu 14.04, Ubuntu 12.04 and derivative systems is easy. Follow the below instructions exactly, in order to get a successful installation.
$ sudo add-apt-repository ppa:oisf/suricata-stable
$ sudo apt-get update
$ sudo apt-get install suricata
Optional, to remove suricata, do:
$ sudo apt-get remove suricata
