-New log formats (info):

• Solaris BSM auditing logs
• Asterisk logs
• Checkpoint and Smart Defense logs
• Debian package (dpkg) install/status/remove messages
• Shorewall logs
• Postfix SASL error messages
• Localized pure-ftpd messages (for 12 different languages)
• DJB multilog

-Greek translation of the install.

-Added agent_control tool to manage the agents directly from the server (info).

-New options to syscheckd/rootcheckd to better schedule the scans (info).

-Performance improvements to the Windows Agent, specially when dealing with
large event logs.

-Added new options to Rootcheck to look for common web exploits installed
on the system (used to attack others).

Check the v1.5 Changelog to see all the changes and contributors.

Download it from: http://www.ossec.net/main/downloads .

Special thanks to Martin West, Sebastien Tricaud, Giannis Vrentzos, Sandro Gauci, Michael Starks, Cedric Bleimling, Dean Takemori and Dennis Golden for the contributions and John Lewis, Daniel Medianero, John Ives and Derek Morris for beta testing this release.

They already have videos showing how to install OSSEC (on Unix and Windows) and will be giving away a copy of the new OSSEC book to one of their registered users. More information at their site.

About The Academy:
The Academy is a web site willing to provide instructional videos for the information security community. For the first time ever, the average user to the most seasoned industry expert will be able to watch instructional videos on how to install popular products, address common configuration issues, and troubleshoot difficult problems. The Academy is a user driven community and videos are created at the request of its members. Vendors can also leverage the site to showcase the features and capabilities of their products. The Academy is an ideal place to find and share knowledge with others practicing or interested in the information security field.

About the book:

This book is the definitive guide on the OSSEC Host-based Intrusion Detection system and frankly, to really use OSSEC you are going to need a definitive guide. Documentation has been available since the start of the OSSEC project but, due to time constraints, no formal book has been created to outline the various features and functions of the OSSEC product. This has left very important and powerful features of the product undocumented…until now! The book you are holding will show you how to install and configure OSSEC on the operating system of your choice and provide detailed examples to help prevent and mitigate attacks on your systems.
– Stephen Northcutt

Installation instructions available at: Wiki OSSECWUI:Install

Download it at: Downloads page.

Special thanks to Chris Abernethy for the huge contributions and Daniel Medianero and Liliane Cid for beta testing this new version.

• Support for reading database logs from PostgreSQL and MySQL (info)
• Support for Prelude (info)
• Support for storing the alerts on MySQL and PostgreSQL (info)
• Support for Sonicwall logs, HP-UX ftpd, AIX 5.3 syslog ,etc

Plus lots of bug fixes and small improvements. Check the v1.4 changelog to see all changes and contributors.

Special thanks to Michael Starks, Jeff Schroeder, Steve West, Tom Bicer, Peter M. Abraham, Colby W., Slava Semushin, Sebastien Tricaud, Leonardo Goldim, Trey Valenta, Dustin Lenz and Chris Abernethy for the contributions and John Ives, Rick McClinton, Paul Sebastian Ziegler, Daniel Medianero and Liliane Cid for beta testing this release.

Download it in here.

If you want to learn a bit more about ossec, take a look at them.
**Note that both presentations are very similar, but AusCERT’s is a bit more organized, so recommended to be read first.

• OSSEC at AusCERT (Log-based Intrusion detection using OSSEC).
• OSSEC at Confidence (Log analysis using OSSEC).

With thousands of open source security packages available, choices can be confusing. Here’s the short list of tools that are getting real-world successful deployments.
..
I’ve selected OSSEC HIDS as the No. 1 open source tool due to its recent rapid growth in the enterprise. OSSEC HIDS is a rapidly evolving open source project that offers the first ever open source host intrusion detection and prevention system, developed by Daniel Cid. The OSSEC HIDS project has been gaining widespread use and is quickly being deployed within organizations around the world as a method of protecting systems at the host level after attacks have made it past network defenses.

The OSSEC HIDS project team has ported the tool to all major operating system platforms including Windows, MacOSX, HP-UX, Solaris, FreeBSD, OpenBSD and Linux.

Full article here.