Version 0.8 of OSSEC HIDS is now available!

This is the first version offering native support for
Windows NT, XP, 2000 and 2003. It includes as well a new set
of log analysis rules for sendmail, web logs (Apache and
IIS), IDSs and Windows authentication events.

The correlation rules for squid, mail logs, firewall events 
and authentication systems have been improved, detecting
scans, worms and internal attacks.
The active-responses were also refined, with support to
IPFW (FreeBSD) added.

The installation process was re-organized, now including simpler
configuration options and translation on 6 different languages
(English, Portuguese, German, Turkish, Polish and Italian).


To download the Unix and Windows versions:
http://www.ossec.net/en/downloads.html


Use our mailling list if you have any questions or comments:
http://www.ossec.net/en/mailing_lists.html


More information about the Windows support:
http://www.ossec.net/en/manual.html#windows


See also: "Why use the Windows Agent?" in the FAQ.
http://www.ossec.net/en/faq.html#a1.6


Detailed changelog (new features added):

 - Active response for IPFW (Thanks Welkson de Medeiros 
   and Rafael Capovilla for the help).

 - Improved rules for Squid (Thanks Ahmet and Marcus Maciel for the help).

 - Rules for Sendmail (Thanks Ahmet Ozturk).

 - Improvements to the host-deny active response, with
   support to locking added (Thanks Kayvan A. Sylvan).
   
 - Improvements to the installation script and the
   manage_agents tool, making it much simpler to use
   (Thanks Ahmet and Kayvan for the help). 
   
 - Installation in Italian (Thanks Alberto Furia).
 
 - Installation in Polish (Thanks Dziankowski Krzysztof).
 
 - Rules for Windows authentication, success audit and failure
   audit events.

 - Correlation rules for web logs (Apache and IIS).

 - Support for variable file names (based on date) to be monitored.

 - Support for Windows (Agent only).
   http://www.ossec.net/en/manual.html#windows

 - Support for IIS.
   http://www.ossec.net/en/manual.html#iis

 - Clean up of the configuration options and documentation on
   the web site.
   http://www.ossec.net/en/manual.html
   (Thanks Liliane Cid for the help)
 
 - Numerous features and bug fixes.  


For more information:
http://www.ossec.net/


To download the new version:
http://www.ossec.net/en/downloads.html


We want to thank everyone who sent comments, suggestions
or just some nice words to us! We really appreciate the 
feedback!

Daniel B. Cid (in name of the OSSEC HIDS team).
http://www.ossec.net/en/about.html#dev-team
http://www.ossec.net/announcements/v08-2006-05-12.txt