Trend Micro, Inc. June 4, 2014
--------------------------------------------------------------------------------
OSSEC "v2.8.0" Release Note
--------------------------------------------------------------------------------
Summary of changes in v2.8.0
=== Installation
== Server
- Avoided a crash of agentd on Solaris (danpop60)
== Agent
- Fixed manage_agents -f potential infinite loop (awiddersheim)
- Added manage_agents -r <id> to remove an agent (awiddersheim)
- Allow NIX agents to use "-f" option and run in forground (awiddersheim)
- Windows agent install/uninstall GUI enhancements (awiddersheim)
- Windows agent_config profile fixed (gaelmuller)
- Added eventchannel support for Windows agent on Vista or later (gaelmuller)
- Many Windows agent bug fixes (awiddersheim)
=== Syscheck
== Extended filesize from an integer to a long integer
== Make syscheck/analysisd/remoted.debug in internal_options.conf work (awiddersheim)
=== ActiveResponse
== Fix active-response on MAC OS Firewall (jknockaert)
=== Log monitoring/analysis
== Add option to allow the outputing of all alerts to a zeromq PUB socket
in JSON format, using cJSON library (jrossi, justintime32). New Config:
<ossec>
<global>
<zeromq_output>yes|no</zeromq_output>
<zeromq_uri>tcp://localhost:11111</zeromq_uri>
== Add TimeGenerated to the output of Windows Event logs (awiddersheim)
== os_net fixes, and code clean up in general (cgzones)
== os_regex unit test cases added (cgzones)
== os_xml review and fixes (cgzones)
=== Rules and Decoders
== Added some additional sshd rules in sshd_rules.xml (joshgarnett)
== Removed bro-ids rules (ddpbsd)
== Removed event ID 676, 672 in msauth_rules.xml (mstarks01)
=== Contributions
== zeromq_pubsub.py (jrossi)
== ossec-eps.sh, a script to calculate events-per-second (mstarks01)
OSSEC 2.8 CONTRIBUTORS (GitHub usernames in alphabetical order):
awiddersheim
Brad Lhotsky
cgzones
ChristianBeer
danpop60 (Solaris fix)
ddpbsd
denied39
dopefish
gaelmuller
harshilmathur
jbcheng
jknockaert
justintime32
Joshua Garnett
harshilmathur
hexinglun
jrossi
labrown
Micha Nasriachi
mstarks01
northox
pdrakeweb
reyjrar
Santiago Bassett
=== END ===
Monday, July 7, 2014
OSSEC 2.8 Released
OSSEC 2.8 has been released in June 2014 and can be downloaded here. After moving to GitHub in early 2014, many contributors joined and submitted excellent Pull Requests. Below is a copy of the release notes which is a high level summary of the major changes since 2.7.1. Refer to GitHub commit history for a complete list.
Tuesday, January 28, 2014
OSSEC 2.7.1 and Beyond
OSSEC 2.7.1 has been released in November 2013 which contained mostly bug fixes.
Since then many new pull requests have been submitted and many developers are eager to contribute their talents. After considering many factors, it was decided that it's time to move the source code repository to GitHub. This is happening during the first quarter of 2014.
After the move, the future of OSSEC will be driven mainly by the community. There will be many opportunities for contributors/maintainers in the areas of source code, rule sets, and documentation.
Please check www.osse.net in the next few weeks for the latest development.
Since then many new pull requests have been submitted and many developers are eager to contribute their talents. After considering many factors, it was decided that it's time to move the source code repository to GitHub. This is happening during the first quarter of 2014.
After the move, the future of OSSEC will be driven mainly by the community. There will be many opportunities for contributors/maintainers in the areas of source code, rule sets, and documentation.
Please check www.osse.net in the next few weeks for the latest development.
Subscribe to:
Posts (Atom)