==OSSEC v2.0 CHANGELOG (Feb 27, 2009)== We are pleased to announce the general availability of OSSEC version 2.0. As always, this version comes with lots of bug fixes and new features. Changelog: -Added compiled rules -Fixed bug on the Windows agent event log reader that was not working properly when the message size was larger than 2048 *64 chars. -Fixed alerting when the event log is cleared. -Fixed su decoder (Reported by Ricardo Stocco). -Fixed bug on the Windows agent event log reader where non-standard logs where failing the configuration test. -Added option for agentless integrity checking on Linux. -Added option for agentless integrity checking on BSD systems. -Added option for generic diffs using the agentless monitoring. -Ignoring /dev/oprofile alerts on Ubuntu (reported by gary ). -Fixed scan_day value on syscheck that was not working properly (patch by Matthias Schmidt). -Added ossec-reported tool to generate text-based reports. -Fixed bug on syscheckd where it would stop working if ever found a link to a socket or device (reported by Matthias Schmidt). -Fixed bug on the installation script that was not disabling rootcheck properly (by Meir Michanie). -Added agentless integrity checking on Cisco devices (routers, switches and firewalls) (thanks to Marcus Maciel for the help and script samples). -Fixed false positives on some pix rules. -Added support for Yum rules (thanks to Michael Starks for the help). -Added dutch translation (thanks to Martijn de Boer). -Added support for picviz (thanks to Sebastien Tricaud). -Fixed support for wildcards on logcollector. It was not working if it was the first entry in the file (Thanks to Nicolas Arias for the report). -Fixed MySQL output support that was dying if the server went down (thanks to Scott Shinn for the reporting and help debugging it). -Fixing output of rootcheck_control that was reporting the wrong ip address (thanks to Aaron Bliss for the report). -Added CentOS 5.2 to the RHEL5 CIS checks. -Added scan_on_start option to rootcheck. -Fixed init scripts for Mac OSX 10.5 (reported by Martijn de Boer). -Updated checkpoint decoder (patch by Dean Takemori). -Removed false positive on FreeBSD caused by rootcheck looking at libproc.a (reported by moto kawasaki). To download the new version: http://www.ossec.net/main/downloads We want to thank everyone who sent comments, suggestions or just some nice words to us! We really appreciate the feedback! Daniel B. Cid (in name of the OSSEC team). http://www.ossec.net/main/about http://www.ossec.net/announcements/v2.0-2009-02-27.txt