Agenda

Core Update 182 - Feedback on Testing and Release
- Several users have reported issues with grub not working after the update. (related forum thread)
- Things to Learn: Implementation and User Notification of New Features (e.g., New SMTP Port Block).
Core Update 183 - Linux 6.6 LTS

Icinga Addon Removal
- Current Version: 1.11.4 (2014)
- End of Life for Version 1.x: End of 2018
- User Request for Update to 2.x Branch
- Note: No volunteer for updating to 2.x

Removal of PT Attack Detection Team Ruleset
- Status: Read-Only since Sep 2022, Last Major Changes in 2021
- EOL Status and Current Focus of Positive Technologies
Removal of Secureworks Rulesets
- Enhanced, Malware, and Security Rulesets
- Issue: Rulesets No Longer Available (404 Error)
- Secureworks Website: No Mention of Suricata Rulesets
Community Suggestion
- Addition of ThreatFox IPS Ruleset by abuse.ch? (Suggestion here)
- Consideration: Potential Conflicts or Duplication with Existing Rules

Attendees

Negative feedback on the SMTP change. People need to read the change log. Let's add a screenshot...
GRUB seems to cause several problems for few users (#13507)

Kernel 6.6 is great
Testing phase should start early next week as there are pending patches
Big changes are in it like OpenSSL 3.2.0: Needs a lot of testing for OpenVPN/IPsec certificates
Arne sends a patch for GRUB 2.12

Should it be possible to disable this?
- Yes, for security research
- Yes, because we might have a false-positive
Adolf will resend his patch & potentially move the logging section

PT seems to be suffering from consequences of the invasion of Ukraine and is not expected to function any time soon.
- The ruleset will be removed
SecureWorks has gone commercial
- The ruleset will be removed
ThreatFox will be added
Suricata 7: Check if we can jump to this release (#13516)