
[Ossec-list] Version 0.7 of the OSSEC HIDS is now available



Version 0.7 of the OSSEC HIDS is now available!

This is one of the most improved versions so far. It now includes
support for squid, pure-ftpd, postfix and AIX ipsec logs (in addition
to a lot of improvements to the previous rules).
The integrity checking engine now allows granular options, where
you can specify exactly what options you want to monitor (checksum,
size, ownership, etc).
The rootkit detection had a lot of improvements too, reducing false
positives on most of the systems and with a lot of new anomaly
checks to detect kernel level rootkits.
We also have a new website and the installation in 4 different
languages (Portuguese, English, German and Turkish).
In addition to that, this version includes a lot of bug fixes
and performance improvements.


To download the new version:
http://www.ossec.net/files/ossec-hids-0.7.tar.gz


Use our mailing list if you have any questions, suggestions or
comments:
http://www.ossec.net/en/mailing_lists.html


Detailed changelog (new features):

 - Active response for AIX IPSEC (thanks Ahmet Ozturk).

 - Rules for pure-ftpd (thanks Peter Ahlert for the logs).

 - Rules for Squid (thanks Ahmet).

 - Rules for Postfix (thanks Ahmet again :)).

 - Improved integrity checking engine that allows granular
   options. You can choose what to monitor on each specific
   file or directory (checksum, size, ownership, etc).
   http://www.ossec.net/en/manual.html#syscheck_options

 - Improved kernel level rootkit detection by the addition of
   a lot of system calls anomaly detection.

 - Release of the new website, much prettier and easier to read.
   Thanks to Giannis Vrentzos for all his work.

 - A lot of improvements to the installation script.
   (thanks Rafael Capovilla and Ahmet for the cooperation).

 - Support for a multi language installation.

 - Installation in German (thanks Peter Ahlert).

 - Installation in Turkish (thanks Ahmet Ozturk).

 - Installation in Portuguese (Thanks Daniel Barcellos,
   Allan Soares and Willian Amano).

 - New rules for the rootkit detection file lookup.

 - A lot of new log analysis rules and tuning of the old ones.



For more information:
http://www.ossec.net/

To download the new version:
http://www.ossec.net/files/ossec-hids-0.7.tar.gz


I also want to thank everyone who sent comments, suggestions
or just some nice words to us! I really appreciate the feedback!

Thanks,

Daniel Cid (on behalf of the OSSEC HIDS team).
http://www.ossec.net/en/about.html#dev-team
http://www.ossec.net/announcements/v07-2006-03-29.txt

