Revisions of ossec-hids

Lars Vogdt (lrupp) committed (revision 14)
Lars Vogdt (lrupp) committed (revision 13)
Lars Vogdt (lrupp) committed (revision 12)
Lars Vogdt (lrupp) committed (revision 11)
trigger service run
Lars Vogdt (lrupp) committed (revision 10)
Lars Vogdt (lrupp) committed (revision 9)
Lars Vogdt (lrupp) committed (revision 8)
trigger service run
Lars Vogdt (lrupp) committed (revision 7)
Modified via webui
Lars Vogdt (lrupp) committed (revision 6)
- update to 3.6.0
  + It's that time of year again, our annual independent security audit! Joining our
    previous two years' auditors, Apple Security and OVH Internet, is security
    researcher Daniel McCarney (@cpu) who performed a very in-depth analysis on our
    IDS engine updates (PCRE2, and more). With a project as critical as OSSEC in
    securing cloud and enterprise assets it's very important to us to have
    independent assessments of the framework. So again we want to thank all of our
    auditors, old and new, for their contribution to the project.
- from 3.5.0
  + This would have been a minor 3.4.1 update if it wasn't for Boris Lukashev of
    https://www.sempervictus.com contributing a much needed update to multi-line
    log analysis. Previous usage of multi-line in OSSEC in the past was limited
    in processing events that did not use indentation, a fairly common
    modern practice for readability.
    This update adds a new type: multi-line_indented to handle this condition
    (Example: postgresql).
  + Maintenance fixes in this release also address issue #1781, which affected
    maild when calling an external program, and add support for Fedora 31
- from 3.4.0
  Big changes in this release add support for the following new platforms:
  + Debian buster
  + Fedora 30
  + RHEL 8
  + (Much awaited!) CentOS 8
  @jubois has completed the first round of pcre2 rule updates. This is a very
  exciting change to the overall IDS engine in OSSEC and opens the platform up to
  much more complex (and faster!) search functionality.
  + Last but not least, @ddpbsd has a long awaited fix for agentd/maild when
    ipv6 is disabled and/or hostnames are used instead of IPs in PR#1698. Thanks
    again to all our community contributors, and dedicated team members for their
Darin Perusich (deadpoint) accepted request 677665 from Tuukka Pasanen (illuusio) (revision 5)
- update to 3.2.0
  The great JSON-in-ing has begun!
  New features in this release focus on extending JSON output support to control
  commands like agent_control, syscheck_control, and rootcheck_control.
  Additional extensions add support for archives.log in native json format,
  and improving the alert.json output. This release also brings some much
  needed enhancements to ossec-authd to streamline the agent registration experience
  (thanks nhatking16591!), Bob-Andrews continues on major auditing
  improvements plus support for Solaris 11.
- See rest releases: https://github.com/ossec/ossec-hids/releases
- Update build process to new build system
- Update patch 'ossec-hids-suse.init.patch'.
- Added GPG signature to verify source
Lars Vogdt (lrupp) accepted request 672365 from Tuukka Pasanen (illuusio) (revision 4)
- openSUSE 15.0 and above doesn't use '/var/adm/fillup-template'
  They use %{_fillupdir}. Make change to use macro not direct
  directory
- Add fallback define %{_fillupdir} for openSUSE 42.3
Darin Perusich (deadpoint) committed (revision 2)
- update to 2.8.1
 * NOTE: In terms of features this release is the same as OSSEC 2.8, *EXCEPT*
         it includes a fix for CVE-2014-5284 vulnerability discovered by Jeff
         Petersen of Roka Security LLC. 
         Go to https://github.com/ossec/ossec-hids/releases/tag/2.8.1 for more
         information regarding this issue. 
 * Installation
  + Server 
    - Avoided a crash of agentd on Solaris (danpop60)
    
  + Agent 
    - Fixed manage_agents -f potential infinite loop (awiddersheim)
    - Added manage_agents -r <id> to remove an agent (awiddersheim)
    - Allow NIX agents to use "-f" option and run in foreground (awiddersheim)
    
    - Windows agent install/uninstall GUI enhancements (awiddersheim)
    - Windows agent_config profile fixed (gaelmuller)
    - Added eventchannel support for Windows agent on Vista or later (gaelmuller)
    - Many Windows agent bug fixes (awiddersheim)
 * Syscheck
  + Extended filesize from an integer to a long integer 
  + Make syscheck/analysisd/remoted.debug in internal_options.conf work (awiddersheim)
 * ActiveResponse 
  + Fix active-response on MAC OS Firewall (jknockaert)
 * Log monitoring/analysis
  + Add option to allow the outputting of all alerts to a zeromq PUB socket
     in JSON format, using cJSON library (jrossi, justintime32). New Config:
     <ossec>
         <global>
             <zeromq_output>yes|no</zeromq_output>
Darin Perusich (deadpoint) accepted request 222588 from Darin Perusich (deadpoint) (revision 1)
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
Displaying all 14 revisions