OSSEC 3.1.0

Posted on by Scott R. Shinn

Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). Release Notes: Special thanks on this release go out to: davestoddard for an amazingly well thought out, and well documented update to the networking code; Bob-Andrews for the largest update to the auditing system in the project history; phamvoung for resolving some very subtle bugs […]

OSSEC 3.0.0

Posted on by Scott R. Shinn

Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). What's New: SQLite support for syscheck; PR #1091 – whitelist for files in sqlite DB; PR #1364 – add some ifdefs for the md5 whitelist database (USE_SQLITE); Update cJSON 1.7.0 #1351; Add Pagerduty Active response #1302; OSSEC-authd #890 / #873 – Dichotomic search to add […]

OSSEC 2.9.4

Posted on by Scott R. Shinn

Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). General: PR #1207, for issue #1205, Pushing merged.mg to Windows agents fails due to EOL conversion; PR #1259, for issue #1145, fixes for RHEL getaddrinfo/ipv6; PR #1428, for issue #1425, check owner option doesn't work on windows agent; PR #1428, for issue #1425, check owner […]

OSSEC 2.9.3

Posted on by Scott R. Shinn

Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). What's New. New Rules / Decoders: NSD Rules and Decoders, Owncloud Rules and Decoders, ProxMox Rules and Decoders, PSAD Rules and Decoders. Updated Rules / Decoders: Apache Rules, Asterisk Rules, Mailscanner Rules, Mysql Rules, Nginx Rules, OpenBSD Rules, Postfix Rules, RoundCube Rules, Sendmail Rules, Syslog […]

OSSEC 2.9.2

Posted on by Scott R. Shinn

Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). What's New. New Rules / Decoders: (Leo Feyer) OpenBSD decoder, Exim decoder, Dovecot Rules, Exim Rules, Chrome remote Desktop Rules (Kevin Branch) Netscreen Firewall Rules, OpenBSD rules. Updated Rules / Decoders: (Leo Feyer) ssh decoder, dropbear decoder, su decoder, vsftpd decoder, dovecot decoder, postfix decoder […]

OSSEC 2.9.1

Posted on by Scott R. Shinn

Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). What's New: Updated rootcheck audit DBs; Updated GeoIP support. New Rules / Decoders: Fixed Windows decoders; PR #980: Update for vsftp rules / decoders. General: PR #1108: Implement GeoIP checks in Groups and Events; PR #1136: Fix for mysql building; PR #1144: Fixes Issue #1142 […]

OSSEC 2.9.0

Posted on by Scott R. Shinn

Changelog. Release Maintainers: Dan Parriott, Scott R. Shinn (Atomicorp, Inc.). What's New: Alert Output support for JSON and ZeroMQ. Syscheck improvements: Report file deletion, even without realtime enabled; Report modifications made on directories; Corrects bug so that files created between the first and second scan are reported as new files; Corrects bug that made changes […]

CVE-2014-0160 (Heartbleed bug) Advisory for OSSEC

Posted on by Scott R. Shinn

The recently disclosed CVE-2014-0160 vulnerability – heartbleed read overrun – in OpenSSL may impact OSSEC installations where OSSEC was deployed with OpenSSL support, either when built from source or installed from RPMs. In particular this issue leaves ossec-authd open to attack. The CVE-2014-0160 vulnerability has been fixed in OpenSSL 1.0.1g. OSSEC users are advised to […]