LiFTeR: Changes for August 16, 2023
- zeek{,-btest,-btest-data,-client,-core,ctl,-devel,-spicy-devel,-zkg}-6.0.0-1.{fc36,fc37,fc38,el7,el8}.x86_64.rpm, libbroker-devel-6.0.0-1.{fc36,fc37,fc38,el7,el8}.x86_64.rpm, zeek{,-btest,-btest-data,-client,-core,ctl,-devel,-spicy-devel,-zkg}-6.0.0-1.el9.{x86_64,aarch64}.rpm, libbroker-devel-6.0.0-1.el9.{x86_64,aarch64}.rpm -
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 20 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally by both major companies and numerous educational and scientific institutions for securing their cyberinfrastructure.
See here for the changes for all versions of Zeek.
Zeek was originally developed by Vern Paxson. Robin Sommer now leads the project, jointly with a core team of researchers and developers at the International Computer Science Institute in Berkeley, CA; and the National Center for Supercomputing Applications in Urbana-Champaign, IL.
Please note: zeek packages install files in /opt/zeek. To use these files, add the following to your ~/.bashrc file:
[[ -d /opt/zeek/bin && ! "$PATH" =~ /opt/zeek/bin ]] && PATH=$PATH:/opt/zeek/bin
[[ -d /opt/zeek/share/man && ! "$MANPATH" =~ /opt/zeek/share/man ]] && MANPATH=$MANPATH:/opt/zeek/share/man
Then run:
. ~/.bashrc
- pfring-8.5.0-8442.x86_64.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
Here is the announcement of PF_Ring 7.8.
- pfring-dkms-8.5.0.8442-dkms.noarch.rpm -
PF_Ring is a new type of network socket that dramatically improves the packet capture speed.
This package conains the code and supporting files needed to create the PF_Ring kernel module.
- ndpi-4.7.0-4337.x86_64.rpm -
ndpi is an open source LGPLv3 library for deep-packet inspection.
- lime-kernel-modules-fc38-x86_64-1.9.1-10.noarch.rpm -
Support for the following kernels were added for LiME:
- 6.4.9-200 for FC38
- fmem-kernel-modules-fc38-x86_64-1.6-1.10.noarch.rpm -
Support for the following kernels were added for Fmem:
- 6.4.9-200 for FC38
- lime-kernel-modules-fc37-x86_64-1.9.1-10.noarch.rpm -
Support for the following kernels were added for LiME:
- 6.4.9-100 for FC37
- fmem-kernel-modules-fc37-x86_64-1.6-1.10.noarch.rpm -
Support for the following kernels were added for Fmem:
- 6.4.9-100 for FC37
- lime-kernel-modules-el9-{x86_64,aarch64}-1.9.1-23.noarch.rpm -
Support for the following kernels were added for LiME for both the x86_64 and aarch64 architectures:
- 5.14.0-352 for EL9
- fmem-kernel-modules-el9-{x86_64,aarch64}-1.6-1.23.noarch.rpm -
Support for the following kernels were added for Fmem for both the x86_64 and aarch64 architectures:
- 5.14.0-352 for EL9
- lime-kernel-modules-el7-x86_64-1.9.1-91.noarch.rpm -
Due to configuration errors, support for the following kernels were added for LiME:
- 3.10.0-1160.95.1 for EL7
- fmem-kernel-modules-el7-x86_64-1.6-1.91.noarch.rpm -
Due to configuration errors, support for the following kernels were added for Fmem:
- 3.10.0-1160.95.1 for EL7