LiFTeR: Changes for May 18, 2022
- zeek{,-btest,-btest-data,-core,ctl,-devel,-libcaf-devel,-zkg}-4.2.1-1.x86_64.rpm, and libbroker-devel-4.2.1-1.x86_64.rpm -
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 20 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally by both major companies and numerous educational and scientific institutions for securing their cyberinfrastructure.
See here for the changes for all versions of Zeek.
Zeek was originally developed by Vern Paxson. Robin Sommer now leads the project, jointly with a core team of researchers and developers at the International Computer Science Institute in Berkeley, CA; and the National Center for Supercomputing Applications in Urbana-Champaign, IL.
Please note: zeek packages install files in /opt/zeek. To use these files, add the following to your ~/.bashrc file:
[[ -d /opt/zeek/bin && ! "$PATH" =~ /opt/zeek/bin ]] && PATH=$PATH:/opt/zeek/bin
[[ -d /opt/zeek/share/man && ! "$MANPATH" =~ /opt/zeek/share/man ]] && export MANPATH=$MANPATH:/opt/zeek/share/man
Then run:
. ~/.bashrc
- sleuthkit{,-devel,-libs}-4.11.1-2.1.{fc33,fc34,fc35,el7,el8,el9,amzn2}.x86_64.rpm -
The Sleuth Kit (TSK) is a library and collection of command line tools that allow you to investigate volume and file system data.
The only change was to update the revision number due to the release of revision 2 for Fedora 36.
- pfring-8.1.0-7454.{el8,amzn2}.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
- pfring-8.1.0-7443.el7.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
- pfring-dkms-8.1.0.7454-7454.{el8,amzn2}.noarch.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains the code and supporting files needed to create the PF_Ring kernel module.
- pfring-dkms-8.1.0.7443-7443.el7.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains the code and supporting files needed to create the PF_Ring kernel module.
- ndpi-4.3.0-3695.{el7,el8,amzn2}.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
- lime-kernel-modules-fc35-x86_64-1.9.1-25.noarch.rpm -
Support for the following kernels was added for LiME:
- 5.17.7-200 for FC35
- fmem-kernel-modules-fc35-x86_64-1.6-1.25.noarch.rpm -
Support for the following kernels was added for Fmem:
- 5.17.7-200 for FC35
- fmem-kernel-modules-fc34-x86_64-1.6-1.49.noarch.rpm -
Support for the following kernels was added for Fmem:
- 5.17.7-100 for FC34
- lime-kernel-modules-fc34-x86_64-1.9.1-49.noarch.rpm -
Support for the following kernels was added for LiME:
- 5.17.7-100 for FC34
- Fedora 36 - The repository now supports Fedora 36 for the x86_64 CPU architecture.
Here is the list of tools provided for Fedora 36:
- fmem-kernel-modules-1.6-1.24.noarch.rpm -
This is a meta-package that requires all of the supporting kernel objects for Fmem.
Support for the Fedora 36 x86_64 architecture was added.
- lime-kernel-modules-1.1.r17-24.noarch.rpm -
This is a meta-package that requires all of the supporting kernel objects for LiME.
Support for the Fedora 36 x86_64 architecture was added.