Version 0.7 of the OSSEC HIDS is available.
OSSEC HIDS is an open source host-based intrusion
detection system. It performs log analysis, integrity
checking, rootkit detection, time-based alerting and
active response.
This is one of the most improved versions so far. It
now includes support for squid, pure-ftpd, postfix and
AIX ipsec logs (in addition to a lot of improvements
to the previous rules).
The integrity checking engine now allows granular
options, where you can specify exactly what options
you want to monitor (checksum, size, ownership, etc).
The rootkit detection had a lot of improvements too,
reducing false positives on most of the systems and
with a lot of new anomaly checks to detect kernel
level rootkits.
We also have a new website and the installation in 4
different languages (portuguese, english, german and
turkish).
In addition to that, this version includes a lot of
bug fixes and performance improvements.
Complete Changelog:
http://www.ossec.net/en/v07-2006-03-29.html
To download the new version:
http://www.ossec.net/files/ossec-hids-0.7.tar.gz
Use our mailling list if you have any questions,
suggestions or comments :
http://www.ossec.net/en/mailing_lists.html
Thanks,
--
Daniel B. Cid
dcid @ ( at ) ossec.net
http://www.ossec.net
_______________________________________________________
Yahoo! Acesso Grátis - Internet rápida e grátis. Instale o discador agora!
http://br.acesso.yahoo.com
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
