OSSEC 3.1.0

Posted on by Scott R. Shinn

Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). Release Notes: Special thanks on this release go out to: davestoddard for an amazingly well thought out and well documented update to the networking code; Bob-Andrews for the largest update to the auditing system in the project history; phamvoung for resolving some very subtle bugs […]

OSSEC 3.0.0

Posted on by Scott R. Shinn

Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). What's New: SQLite support for syscheck (PR #1091 – whitelist for files in sqlite DB; PR #1364 – add some ifdefs for the md5 whitelist database (USE_SQLITE)); Update cJSON 1.7.0 #1351; Add Pagerduty Active response #1302; OSSEC-authd #890 / #873 – Dichotomic search to add […]

OSSEC 2.9.4

Posted on by Scott R. Shinn

Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). General: PR #1207, for issue #1205, Pushing merged.mg to Windows agents fails due to EOL conversion; PR #1259, for issue #1145, fixes for RHEL getaddrinfo/ipv6; PR #1428, for issue #1425, check owner option doesn't work on windows agent; PR #1428, for issue #1425, check owner […]

OSSEC HIDS 3.0 Snapshots

Posted on by Scott R. Shinn

OSSEC 3.0 release candidate builds are available from our testing Yum/Apt repo for the following distributions: Amazon Linux; Amazon Linux LTS; RHEL / CentOS 6; RHEL / CentOS 7; Debian 7 / 8; Ubuntu 14 / 16; Fedora 24 / 25 / 26 / 27; Windows. Updates for Fedora 28, Ubuntu 18, and Kali Linux […]

Join us on Slack!

Posted on by Scott R. Shinn

We’re in the process of opening up our Slack channel, https://ossec.slack.com/, to the public. At the moment it’s still set up to require us to send invites; if you’re interested, send us an email at ossec@atomicorp.com. And if you’re a Slack hacker, you should really join us. We need the help!

OSSEC Virtual Appliance 2.9.3

Posted on by Scott R. Shinn

Longtime OSSEC contributor Vic Hargrave has released an update to the OSSEC Virtual Appliance. Download: https://ossec.github.io/downloads.html README: This virtual appliance contains the following facilities: CentOS 7.4; OSSEC 2.9.3; Elasticsearch-Logstash-Kibana (ELK) 6.1.1; Cerebro 0.7.2. The virtual appliance is provided as an OVA which you can import into most virtual systems. We recommend using VirtualBox which can […]

OSSEC CON 2018

Posted on by Scott R. Shinn

Thanks again to everyone who attended OSSEC Con 2018; it was fantastic meeting everyone and hearing how you’re using OSSEC. I’d especially like to thank our sponsors: Virgil Security, Prometheus Global, Atomicorp and Cyber Academy. We’ve got some really exciting changes coming up soon! We’ve started collecting the slides from the show here: https://atomicorp.com/ossec-conference-2018/ Want […]

OSSEC 2.9.3

Posted on by Scott R. Shinn

Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). What's New. New Rules / Decoders: NSD Rules and Decoders; Owncloud Rules and Decoders; ProxMox Rules and Decoders; PSAD Rules and Decoders. Updated Rules / Decoders: Apache Rules; Asterisk Rules; Mailscanner Rules; Mysql Rules; Nginx Rules; OpenBSD Rules; Postfix Rules; RoundCube Rules; Sendmail Rules; Syslog […]

OSSEC 2.9.2

Posted on by Scott R. Shinn

Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). What's New. New Rules / Decoders (Leo Feyer): OpenBDS decoder; Exim decoder; Dovecot Rules; Exim Rules; Chrome remote Desktop Rules (Kevin Branch); Netscreen Firewall Rules; OpenBSD rules. Updated Rules / Decoders (Leo Feyer): ssh decoder; dropbear decoder; su decoder; vsftpd decoder; dovecot decoder; postfix decoder […]

OSSEC 2.9.1

Posted on by Scott R. Shinn

Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). What's New: Updated rootcheck audit db’s; Updated GeoIP support. New Rules / Decoders: Fixed Windows decoders; PR #980: Update for vsftp rules / decoders. General: PR #1108: Implement GeoIP checks in Groups and Events; PR #1136: Fix for mysql building; PR #1144: Fixes Issue #1142 […]