This has been a long release cycle, but OSSEC 2.6 BETA1 is now available. Helping us test the beta version is a great way to contribute back to the project and the best way to get started with it.
How to test the BETA?
Download it from here:
- Unix/Solaris/Linux/Mac: http://www.ossec.net/files/snapshots/ossec-hids-110607.tar.gz
- Windows: http://www.ossec.net/files/snapshots/ossec-agent-win32-110607.exe
Then install it on as many systems as you can. Make sure that the upgrade/install process works without errors and that everything that was working before still is. If everything works (or you see any error), post in the comments section here, send it to the mailing list, or email us privately (dcid@ossec.net).
Testing the new features
In addition to making sure everything still works, you can try some of the new features (full list here):
- Added IPv6 support
- Lots of new rules (OpenBSD, Clamav, BRO-ids, active response logs, etc, etc)
- Added os-authd – Automatically creating and setting up the agent keys
- Added CEF support to client syslog
- Improved reporting for file changes
- Added option to block repeated offenders with OSSEC
Plus a bunch of bug fixes… Let us know how it goes.
Hi,
Thanks for the great work on Ossec. Some time ago, I had reported a bug on reportd. The link to the discussion is here http://groups.google.com/group/ossec-list/browse_thread/thread/d235453eda6cbde9/0f230559a762871a?lnk=gst&q=how+to+get+full+log+dump#0f230559a762871a
In the latest sources, the line that has been added sets the variable “show_alerts” to 0 (disables full log output). If possible, could you set it to 1 by default, or provide a command line option to toggle it.
Thanks.
Sorry, pls ignore this comment. I just saw that reportd has a command line option to toggle it. Thanks again for the great work on ossec.
I don’t see how to report bugs/issues for the beta?
You can post in here, or send to our mailing list ossec-dev@ossec.net.
thanks,
The Windows installer needs the version updated…
Daniel
OSSEC looks very promising. I was looking for Intrusion detection solutions and found this blog. Can you please direct me to installation of the manager on a Windows Server 2008 system? Thank you in advance.
Regards
Durgesh