[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Ossec-list] Version 0.8 of OSSEC HIDS is now available!

Subject: [Ossec-list] Version 0.8 of OSSEC HIDS is now available!
From: daniel.cid at gmail.com (Daniel Cid)
Date: Thu, 11 May 2006 17:17:30 -0300

This is the first version offering native support to
Windows NT, XP, 2000 and 2003. It includes as well a new set
of log analysis rules for sendmail, web logs (Apache and
IIS), IDSs and Windows authentication events.

The correlation rules for squid, mail logs, firewall events
and authentication systems have been improved, detecting
scans, brute-force attacks, worms and internal attacks.
In addition to that, the active-responses were refined, with
support to IPFW (FreeBSD) added.

The installation process was re-organized, now including simpler
configuration options and translation on 6 different languages
(English, Portuguese, German, Turkish, Polish and Italian).


To download the Unix and Windows versions:
http://www.ossec.net/en/downloads.html


Use our mailling list if you have any question or comment:
http://www.ossec.net/en/mailing_lists.html


More information about the Windows support:
http://www.ossec.net/en/manual.html#windows



Detailed changelog (new features added):

 - Active response for IPFW (Thanks Welkson de Medeiros
   and Rafael Capovilla for the help).

 - Improved rules for Squid (Thanks Ahmet and Marcus Maciel for the help).

 - Rules for Sendmail (thanks Ahmet Ozturk).

 - Improvements to the host-deny active response, with
   support to locking added (Thanks Kayvan A. Sylvan).

 - Improvements to the installation script and the
   manage_agents tool, making it much simpler to use
   (thanks Ahmet and Kayvan for the help).

 - Installation in Italian (thanks Alberto Furia).

 - Installation in Polish (thanks Dziankowski Krzysztof).

 - Rules for Windows authentication, success audit and failure
   audit events.

 - Correlation rules for web logs (Apache and IIS).

 - Support for variable file names (based on date) to be monitored.

 - Support for Windows (Agent only).
   http://www.ossec.net/en/manual.html#windows

 - Support for IIS.
   http://www.ossec.net/en/manual.html#iis

 - Clean up of the configuration options and documentation on
   the web site.
   http://www.ossec.net/en/manual.html

 - Lot of new small features and bug fixes.


For more information:
http://www.ossec.net/


To download the new version:
http://www.ossec.net/en/downloads.html


We want to thanks everyone who sent comments, suggestions
or just some nice words to us! We really appreciate the
feedback!

Daniel B. Cid (in name of the OSSEC HIDS team).
http://www.ossec.net/en/about.html#dev-team
http://www.ossec.net/announcements/v08-2006-05-12.txt

Prev by Date: [Ossec-list] [ossecm@xxxxxxxxxxxxxxxx: OSSEC Hids Notification - Alert level 12]
Next by Date: [Ossec-list] High volume of Web (Mambo ?) scans
Previous by thread: [Ossec-list] [ossecm@xxxxxxxxxxxxxxxx: OSSEC Hids Notification - Alert level 12]
Next by thread: [Ossec-list] High volume of Web (Mambo ?) scans
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.