Skip to content

Releases: idaholab/Malcolm

Malcolm v2.4.1

20 Oct 21:49
@mmguero mmguero
v2.4.1
f2b4593
Compare
Choose a tag to compare
Malcolm v2.4.1

Malcolm v2.4.1 contains the following changes:

v2.4.0...v2.4.1

  • Zeek

  • Version bumps

    • supercronic (for Docker images) 0.1.11
    • nginx 1.19.3
    • bison (for Zeek compile) 3.7.2
    • cmake (for Zeek compile) 3.18.4
    • Zeek 3.0.11
    • Moloch 2.4.1
    • Linux Kernel (for ISOs) 5.8.0

Malcolm and Hedgehog Linux may be obtained by pulling or building the Docker images and/or building the ISO installer images as described in the documentation. Unofficial ISO installer images for Malcolm and Hedgehog Linux are not hosted on GitHub, but may be downloaded from https://malcolm.fyi/download/.

Assets 7
Loading

Malcolm v2.4.0.1

05 Oct 14:57
@mmguero mmguero
v2.4.0.1
62a820d
Compare
Choose a tag to compare
Malcolm v2.4.0.1

Malcolm v2.4.0.1 is a repack of the Malcolm v2.4.0 release with one minor fix for the ISO installers for Malcolm and Hedgehog Linux to fix #27. The rest of the code is identical. If you are deploying Malcolm with Docker rather than the ISO-installed version, you can ignore this release.

Assets 6
Loading

Malcolm v2.4.0

01 Oct 15:12
@mmguero mmguero
v2.4.0
207dc4f
Compare
Choose a tag to compare
Malcolm v2.4.0

Malcolm v2.4.0 contains the following new features, improvements and bug fixes:

  • Extracted file scanning
    • added Capa as an optional extracted file scanner
    • improvements to the way file scanners work when more than one are enabled
  • Version updates
    • updated Moloch to 2.4.1
    • updated Zeek to 3.0.10
    • updated Linux Kernel for ISO installers to 5.7
  • Zeek plugins
  • Tweaks and bug fixes
    • Don't allow docker to mess with firewall rules in Malcolm ISO
    • Fix #26, ISO installers result in blank screen when booting with BIOS
    • Fix #24, install.py won't prompt to change ownership of extracted directory correctly if run as root
    • Leave some development packages in place in Hedgehog ISO so that Spicy plugins can be compiled

v2.3.0...v2.4.0

Malcolm and Hedgehog Linux may be obtained by pulling or building the Docker images and/or building the ISO installer images as described in the documentation. Unofficial ISO installer images for Malcolm and Hedgehog Linux are not hosted on GitHub, but may be downloaded from https://malcolm.fyi/download/.

Assets 7
Loading

Malcolm v2.3.0

09 Sep 19:14
@mmguero mmguero
v2.3.0
07f7ba7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Malcolm v2.3.0

Malcolm v2.3.0 contains the following new features, improvements and bug fixes:

  • Carved file scanning improvements

    • Multiple file scanners can now be enabled concurrently (previously only one at a time was allowed)
    • Yara added as carved file scanner feeding signatures.log with Florian Roth's Signature-Base Yara ruleset enabled by default and the ability to provide other yara signatures under yara/rules under the Malcolm directory (see #148 and #14)

  • Bumped versions

  • Bug fixes

    • #150 docker-compose having issues with start and logs under macOS
    • Hedgehog was missing new environment variables for finer control of Zeek local policy behavior
    • miscellaneous tweaks to Docker and ISO images (mainly for file size)

v2.2.1...v2.3.0

Malcolm and Hedgehog Linux may be obtained by pulling or building the Docker images and/or building the ISO installer images as described in the documentation. Unofficial ISO installer images for Malcolm and Hedgehog Linux are not hosted on Github, but may be downloaded from https://malcolm.fyi/download/.

Assets 7
Loading