Farsight's Advanced Exchange Access: 1.2.0 Release Notes

Introduction

This article discusses the new features in Farsight’s latest release of theAdvanced Exchange Access (AXA) toolkit, version 1.2.0.

For background on Farsight Security’s Security Information Exchange (SIE) and AXA itself,it is recommended that you be comfortable with the material in the followingFarsight Security Blog articles:

• Farsight’s Advanced Exchange Access, Part 1 of 3
• Farsight’s Advanced Exchange Access, Part 2 of 3
• Farsight’s Advanced Exchange Access, Part 3 of 3

Bug Fixes and New Features

The following new features and bug fixes are available in AXA 1.2.0 whichis available here and here.

• Add command status: Added a status command to retrieve current connection  details. Example:

   sra> connect tls:[email protected],1021
   * HELLO srad version 1.1.1 mschiffm AXA protocol 1
   sra> status
   connected to "srad version 1.1.1 mschiffm AXA protocol 1"
       sra.sie-remote.net,1021
       connected for: 3 seconds
       TLSv1/SSLv3 ECDHE-RSA-AES256-GCM-SHA384  zlib compression
       0 packets remaining to print of 0 total

• Add support for new channels: In 1.2.0 we added support for DNS Errorsand NXD Channels via etc/fields.
• Add pidfile support for sratunnel: We addedan option to sratunnel to allow the user to specify a pidfile. Thisallows for easy management of daemonized sratunnel processes.
• Updated help: The help has been updated to be a bit clearer and easier toread.
• Fix print_sie_newdomain(): There was a NULL pointer dereference thatresulted in a crash. The bug was triggered when a pathological newdomainSOA message was printed in “non-verbose” mode.
• Fix axa_str_to_cidr(): Patched to remove a false negative errorcondition.
• Fix axa_get_token(), axa_vlog_msg(), dns_to_key(), trie_free(): Multiple corner-case bugs fixed.

Stay tuned for further updates!

Mike Schiffman is a Packet Esotericist for Farsight Security, Inc.

‍