Farsight's Advanced Exchange Access: 1.2.0 Release Notes
Introduction
This article discusses the new features in Farsight’s latest release of the
Advanced Exchange Access (AXA) toolkit, version 1.2.0
.
For background on Farsight Security’s Security Information Exchange (SIE) and AXA itself, it is recommended that you be comfortable with the material in the following Farsight Security Blog articles:
- Farsight’s Advanced Exchange Access, Part 1 of 3
- Farsight’s Advanced Exchange Access, Part 2 of 3
- Farsight’s Advanced Exchange Access, Part 3 of 3
Bug Fixes and New Features
The following new features and bug fixes are available in AXA 1.2.0
which
is available here and here.
- Add command
status
: Added a status command to retrieve current connection details. Example:
sra> connect tls:[email protected],1021 * HELLO srad version 1.1.1 mschiffm AXA protocol 1 sra> status connected to "srad version 1.1.1 mschiffm AXA protocol 1" sra.sie-remote.net,1021 connected for: 3 seconds TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384 zlib compression 0 packets remaining to print of 0 total
Add support for new channels: In
1.2.0
we added support for DNS Errors and NXD Channels viaetc/fields
.Add pidfile support for
sratunnel
: We added an option tosratunnel
to allow the user to specify a pidfile. This allows for easy management of daemonizedsratunnel
processes.Updated help: The help has been updated to be a bit clearer and easier to read.
Fix
print_sie_newdomain()
: There was a NULL pointer dereference that resulted in a crash. The bug was triggered when a pathologicalnewdomain
SOA message was printed in “non-verbose” mode.Fix
axa_str_to_cidr()
: Patched to remove a false negative error condition.Fix
axa_get_token()
,axa_vlog_msg()
,dns_to_key()
,trie_free()
: Multiple corner-case bugs fixed.
Stay tuned for further updates!
Mike Schiffman is a Packet Esotericist for Farsight Security, Inc.