Monthly Archives: August 2008

v1.6 BETA2 begins

If you would like to contribute to the project and don’t know how, beta testing our version 1.6 might be a good way to get started. The list of new features, bug fixes and packages to use are all available … Continue reading

Posted in ossec, v16 | 1 Comment

OSSEC mailing list in Portuguese

Rodrigo Montoro created an OSSEC mailing list in Portuguese. More info: http://tech.groups.yahoo.com/group/ossecbr/ Thanks!

Posted in ossec | Leave a comment

v1.6 Beta testing begins

If you would like to contribute to the project and don’t know how, beta testing our version 1.6 might be a good way to get started. The list of new features, bug fixes and packages to use are all available … Continue reading

Posted in ossec, v16 | 1 Comment

Active response on Windows

Another big feature that we never got around to implementing until now. For version 1.6, OSSEC will come with the route-null.cmd script to block an IP address on Windows by modifying the route to it. To get started, you will … Continue reading

Posted in ossec, v16, windows | Leave a comment

Multi-server architecture

This is another feature that has been asked for constantly for a long time, and just now we got around to implementing it. The idea is to allow one OSSEC server (manager) to parse the alerts from another one, creating a … Continue reading

Posted in ossec, v16 | Leave a comment

Sample chapters of the OSSEC book

I don’t think I mentioned it before, but we have two free sample chapters of the OSSEC book available online.

The first one is chapter 2: http://searchsecuritychannel.techtarget.com/tip/0,289483,sid97_gci1323740,00.html

The second one is chapter 5: http://www.syngress.com/book_catalog/sample_159749240X.pdf

Posted in book, ossec | 1 Comment

New tool: syscheck_control

Recently I have been focused on trying to make OSSEC friendlier and easier to manage. In the last version (1.5) we added the agent_control tool (to manage the agents remotely), and for v1.6, one of the new features is the … Continue reading

Posted in ossec, v16 | Leave a comment