An Open Source Host-based Intrusion Detection System

https://www.ossec.net

OSSEC HIDS is an Open Source Host-based Intrusion Detection
System. It performs log analysis, integrity checking, rootkit
detection, time-based alerting and active response.

Source Files

Filename                      Size (bytes)  Size
ossec-hids-2.8.1.tar.gz       1634812       1.56 MB
ossec-hids-suse.init.patch    486           486 Bytes
ossec-hids.changes            14497         14.2 KB
ossec-hids.logrotate          177           177 Bytes
ossec-hids.service            309           309 Bytes
ossec-hids.spec               17444         17 KB
ossec-init.conf               74            74 Bytes
ossec-remoted.patch           614           614 Bytes
ossec-zlib.patch              1396          1.36 KB
sysconfig.ossec-hids          318           318 Bytes
sysconfig.ossec-hids-client   106           106 Bytes
sysconfig.ossec-hids-server   107           107 Bytes

Revision 2 (latest revision is 14)
Darin Perusich (deadpoint) committed (revision 2)
- update to 2.8.1
 * NOTE: In terms of features this release is the same as OSSEC 2.8, *EXCEPT*
         it includes a fix for CVE-2014-5284 vulnerability discovered by Jeff
         Petersen of Roka Security LLC. 
         Go to https://github.com/ossec/ossec-hids/releases/tag/2.8.1 for more
         information regarding this issue. 
 * Installation
  + Server 
    - Avoided a crash of agentd on Solaris (danpop60)
    
  + Agent 
    - Fixed manage_agents -f potential infinite loop (awiddersheim)
    - Added manage_agents -r <id> to remove an agent (awiddersheim)
    - Allow NIX agents to use "-f" option and run in foreground (awiddersheim)
    
    - Windows agent install/uninstall GUI enhancements (awiddersheim)
    - Windows agent_config profile fixed (gaelmuller)
    - Added eventchannel support for Windows agent on Vista or later (gaelmuller)
    - Many Windows agent bug fixes (awiddersheim)
 * Syscheck
  + Extended filesize from an integer to a long integer 
  + Make syscheck/analysisd/remoted.debug in internal_options.conf work (awiddersheim)
 * ActiveResponse 
  + Fix active-response on MAC OS Firewall (jknockaert)
 * Log monitoring/analysis
  + Add option to allow the outputting of all alerts to a zeromq PUB socket 
     in JSON format, using cJSON library (jrossi, justintime32). New Config:
     <ossec>
         <global>
             <zeromq_output>yes|no</zeromq_output>