[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-dev] Updates on the project (GPLv3, Windows UI, policy auditing, etc)

To: ossec-dev@xxxxxxxxx, ossec-list@xxxxxxxxx
Subject: [ossec-dev] Updates on the project (GPLv3, Windows UI, policy auditing, etc)
From: "Daniel Cid" <dcid@xxxxxxxxx>
Date: Thu, 12 Jul 2007 20:43:53 -0300
Content-disposition: inline
Content-transfer-encoding: 7bit


Hi list,

A lot is going on lately and I would like to keep everyone updated. Here it go:

*Next version will come with a simplified UI to manage the Windows
agent. I really need people trying it out. More information:
http://www.ossec.net/dcid/?p=91

*We opened a list with our CVS commits. More info:
http://www.ossec.net/dcid/?p=90

*I am thinking on updating ossec's license to the gplv3. I exposed my reasons at
http://www.ossec.net/dcid/?p=95 and I would love some feedback.
Basically, I am looking
for reasons not to update.

*I need beta testers for the next version. If you are willing to help
us out, let me know.
We need testers with access to Windows 2000, Windows 2003, Windows XP, Solaris,
Linux, *BSD, AIX, HP-UX or Mac. If you have access to any of these
systems, you can
help us :) Yes, no one left behind...

*I am adding policy auditing to the next version of the Windows agent.
Basically, it
will allow you to alert when any setting is out of compliance (e.g.
PCI) or when specific
applications are installed, etc. Example of entries that you can do:

[Microsoft Firewall disabled] [any] []
r:HKEY_LOCAL_MACHINE\software\policies\microsoft\windowsfirewall\domainprofile
-> enablefirewall -> !0;
r:HKEY_LOCAL_MACHINE\software\policies\microsoft\windowsfirewall\standardprofile
-> enablefirewall -> !0;

[Null sessions allowed] [any] []
r:HKLM\System\CurrentControlSet\Control\Lsa -> RestrictAnonymous -> 0;

[Chat/IM/VoIP - Skype] [any] []
f:\Program Files\Skype\Phone;
f:\Documents and Settings\All Users\Documents\My Skype Pictures;
f:\Documents and Settings\Skype;
f:\Documents and Settings\All Users\Start Menu\Programs\Skype;
r:HKLM\SOFTWARE\Skype;
r:HKEY_LOCAL_MACHINE\Software\Policies\Skype;
p:Skype.exe;


It will be all controlled and configured from the server side. If you
have suggestions
and would like to help building the applications profiles and default
audit settings,
let me know.


Thanks,

--
Daniel B. Cid
dcid ( at ) ossec.net

Prev by Date: [ossec-dev] OSSEC CVS List
Next by Date: [ossec-dev] Problems with ossec
Previous by thread: [ossec-dev] OSSEC CVS List
Next by thread: [ossec-dev] Problems with ossec
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.