Dear Network and Security Monitoring people :
We are pleased to announce that Trisul 3.0 is immediately available for download.
Please visit the download page to get the latest packages.
We have packages available for :
- CentOS 6.2 - 64 bits (recommended)
- Ubuntu 12.04 32 bits
Trisul 3.0 is a major step forward in the technique of monitoring everything. This release introduces Full Text Search (FTS) technology to make certain kinds of resources instantly searchable. Now SSL Certificates and HTTP Headers are FTS indexed which means you can search for any arbitrary string in them and get instant results. Trisul 3.0 also adds a keyspace search tool which can tell you about traffic in suspicious netblocks instantly.
Full Text Search
SSL Certificate chains and HTTP Headers are stored in an FTS index.
SSL traffic is no longer a black box as Trisul 3.0 will count traffic by a) SSL organizations ( amazon, google, twitter, etc) b) SSL Cipher Suites (how much traffic by RC4, AES, etc) and c) by Certificate Authorities.
Key space search
All keys are stored in a format suitable for fast long term spatial analysis. The best use case for this is to check all your past traffic (months at a time) for activity within malicious netblocks. You can also use this tool for other types of spatial analysis like MAC addresses or ports.
New Github repo
All analysis of Trisul is scriptable so you are not stuck with repeating same processes via the user interface. We have a new GitHub repo "trisul-scripts" where many such scripts are released.
Enhancements & Fixes
- Completely new UI
- WebTrisul is not packaged as a DEB or RPM
- All packages are signed by our GPG key
- New documentation
- Over 500+ other major and minor tweaks and enhancements
Thanks for your wonderful support for Trisul. We are growing release to release. Join us !!