The Specialized Network Security Distribution Celebrates

-

SELKS 10: The Specialized Network Security Distribution

SELKS 10, a specialized security distribution developed by Stamus Networks, marks a decade of activity for a project that we haven't previously discussed in these parts. So, while we may be late to this announcement, we're actually late to the project itself.

Indeed, there are well-known solutions in the Linux realm that serve as tools for these purposes, and in fact, two new versions of the most prominent ones, Kali Linux 2024.2 and Parrot 6.1, have been released recently. However, one of the typical aspects of Linux is that alternatives to alternatives are always emerging. Therefore, it's worth repeating that here we have the release of SELKS 10.

How is SELKS similar to or different from Kali Linux or Parrot? Stamus Networks' product, which specializes in network security, focuses on security and threat detection, but with a more particular approach, if possible, based on Debian. SELKS is actually an acronym for Suricata, Elastic Search, Logstash, Kibana, and Stamus (Community Edition, to be precise).

According to the official SELKS site, SELKS is a free, open-source (GPL3), ready-to-use system based on the real-time Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) software, Suricata. Additionally, it includes many other tools—far more than those mentioned in its name—established and more commonly used in professional settings. For example:

  • Elasticsearch is a flexible and scalable distributed search and analytics engine.
  • Logstash is a server-side data processing tool capable of working with multiple sources.
  • Kibana is a data visualization and analytics platform designed to uncover patterns, trends, and anomalies.

Other key components of SELKS include EveBox, an event management system for Suricata; Arkime, a network packet analysis tool; and CyberChef, a comprehensive web application.

SELKS is a specialized security distribution, but it has little in common with Kali Linux or Parrot, even though it's a Linux distribution and open-source software in all cases. SELKS, however, is not a general-purpose system, nor is it designed as a learning utility. On the contrary, it is a network protection tool aimed at enterprises, with the added benefit that this Community Edition is accessible to any user.

For more information about SELKS 10, the official release announcement contains all the necessary details, as well as insights into the project's history, idiosyncrasies, and focus as it celebrates its tenth anniversary. Interested in trying it out? In its download section, you'll find images with and without a desktop interface, as well as Docker packages.

As is the case with many other open-source projects, SELKS offers limited functionality compared to the services provided by Stamus Networks, but it's accessible to anyone who wishes to use it or test the capabilities of the company's commercial products. It also provides a foundation that can be manually expanded upon.







Comments

Post a Comment

Popular posts from this blog

systemd 256 arrives with run0, the ‘sudo clone’ that aims to improve security

-
Image
systemd 256 arrives with run0, the ‘sudo clone’ that aims to improve security systemd 256 is now a reality, featuring an interesting innovation that could represent a significant change in Linux in the not-too-distant future, although this will ultimately depend on the decisions made by various distributions. Without further delay, let’s go over the main new features. First, we have the introduction of run0, a kind of clone of sudo that aims to enhance security by reducing the attack surface. According to Lennart Poettering, the creator of systemd, this is achieved by ensuring “the target command is invoked in an isolated execution context, freshly forked from PID 1, without inheriting any context from the client,” making its behavior more akin to SSH. And since we’ve mentioned SSH, there’s the systemd-ssh-generator , which has been added to detect if the SSHD binary (the SSH daemon) is present and then link it through socket activation per connection to various sockets depending on
Read more

Kubernetes 1.30 Available, New Version of the Container Orchestrator

-
Image
Kubernetes 1.30, named “Uwurnetes,” has been released as the new stable version of the well-known container orchestrator, which originated at Google and is now under the umbrella of The Linux Foundation. The developers have described this release as "the most beautiful" in the history of the software and have announced it includes a total of 45 new features, with 17 in stable phase, 18 in beta, and 10 in alpha. However, here we will only mention the most important ones. The first notable update in Kubernetes 1.30 is the stable release of the Robust VolumeManager rebuild after restarting the kubelet. This involves a refactoring of the volume manager that allows the kubelet to complete additional information on how existing volumes are mounted during the kubelet's startup. Generally, this makes volume cleanup more robust after restarting the kubelet or the machine. Also arriving in stable phase is the prevention of unauthorized volume mode conversion during volume restora
Read more

Fedora Asahi Remix 40, the new version of Linux for Apple Silicon

-
Image
  Fedora Asahi Remix 40 has been announced as the latest version of the Fedora-based system designed to run on Mac computers with Apple Silicon processors. This version primarily represents an evolution of what was already present, which is quite significant given the project's potential to enhance the Linux desktop experience, particularly in areas like sound. According to Fedora Magazine, Fedora Asahi Remix is developed through close collaboration between the Asahi Linux team and the Fedora Asahi Special Interest Group (SIG). It's worth noting that Asahi Linux is not a traditional distribution but rather a technology platform that enables running Linux on Apple Silicon processors. However, this doesn't stop its Fedora remix from being a reference system. As expected, Fedora Asahi Remix 40 is based on Fedora 40 and uses KDE Plasma 6 as its desktop environment. Therefore, the Wayland session should be the default, especially given the strong support this system has for th
Read more