Longtime OSSEC contributor Vic Hargrave has released an update to the OSSEC virtual appliance. Download: https://ossec.github.io/downloads.html README: This virtual appliance contains the following facilities: CentOS 7.4; OSSEC 2.9.3; Elasticsearch-Logstash-Kibana (ELK) 6.1.1; Cerebro 0.7.2. The virtual appliance is provided as an OVA which you can import into most virtual systems. We recommend using VirtualBox which can […]
Thanks again to everyone who attended OSSEC Con 2018; it was fantastic meeting everyone and hearing how you’re using OSSEC. I’d especially like to thank our sponsors: Virgil Security, Prometheus Global, Atomicorp and Cyber Academy. We’ve got some really exciting changes coming up soon! We’ve started collecting the slides from the show here: https://atomicorp.com/ossec-conference-2018/ Want […]
Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). What's New. New Rules / Decoders: NSD Rules and Decoders; Owncloud Rules and Decoders; ProxMox Rules and Decoders; PSAD Rules and Decoders. Updated Rules / Decoders: Apache Rules; Asterisk Rules; Mailscanner Rules; Mysql Rules; Nginx Rules; OpenBSD Rules; Postfix Rules; RoundCube Rules; Sendmail Rules; Syslog […]
Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). What's New. New Rules / Decoders (Leo Feyer) OpenBDS decoder Exim decoder Dovecot Rules Exim Rules Chrome remote Desktop Rules (Kevin Branch) Netscreen Firewall Rules OpenBSD rules Updated Rules / Decoders (Leo Feyer) ssh decoder dropbear decoder su decoder vsftpd decoder dovecot decoder postfix decoder […]
Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). What's New: Updated rootcheck audit db’s; Updated GeoIP support. New Rules / Decoders: Fixed Windows decoders; PR #980: Update for vsftp rules / decoders. General: PR #1108: Implement GeoIP checks in Groups and Events; PR #1136: Fix for mysql building; PR #1144: Fixes Issue #1142 […]
Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). What's New: Alert Output support for JSON and ZeroMQ; Syscheck improvements; Report file deletion, even without realtime enabled; Report modifications made on directories; Corrects bug so that files created between the first and second scan are reported as new files; Corrects bug that made changes […]
This release marks our first (and possibly only, if all goes well) release candidate for OSSEC 2.9. Assuming no issues are reported, this release will become the final OSSEC release. Now is when we really need your help! As a community-driven project, we need all the testing a release this size can get. Let […]
This release marks our official code freeze for 2.9; from here on out we will only be accepting bug fixes to the 2.9 branch. Now is when we need your help! As a community-driven project, we need all the testing a release this size can get. Let us know in the OSSEC mailing list, […]
OSSEC 2.8.3 has been released and posted on our Downloads page. You can check the Release Notes to find out what has been updated in this release.
The CVE-2015-3222 vulnerability, which allows for root escalation via syscheck, has been fixed in OSSEC 2.8.2. Full details of the issue can be found on the OSSEC GitHub repository – https://github.com/ossec/ossec-hids/releases/tag/2.8.2.