OSSEC v1.6 Released



User avatar


Posts: 4270

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Sun Sep 07, 2008 11:56 pm

OSSEC v1.6 Released

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response.

This new version delivers the most comprehensive update to OSSEC in its history, with numerous new features and bug fixes, including:

- New multi-server architecture
- New platform support for Microsoft Vista (and Server 2008)
- New platform support for VMware ESX
- Added active response module for Windows
- CIS benchmarks on Linux (through the policy auditing)
- Added the VMWare Security hardening guideline to the policy auditing
- Added support for McAfee VirusScan Enterprise logs
- Added support for VMware ESX hostd logs
- Added support for Mac OS FTP server logs
- New tools to better manage the data stored (syscheck_control, rootcheck_control, log_test)

And much more… Check the changelog to see all changes and contributors.




User avatar


Posts: 17

Joined: Thu Aug 14, 2008 7:45 am

Post Mon Sep 08, 2008 9:06 am

Re: OSSEC v1.6 Released

I think this might be a dupe of  OSSEC v. 1.6 ;)

Version 1.6 might not be completely ready for prime time yet though.  There have been numerous problems reported with the release, including non-functional Windows active response.  The main developer, Daniel Cid,  recently wrote to the OSSEC mailing list:

Hi all,

I think I figured out what was going on. Depending on the argument (if
it had spaces),
the command to block would not be called properly. I am pretty sure it is fixed
on the following snapshot:

http://www.ossec.net/files/snapshots/os ... 080904.exe

Can you try with this version? You don't need to update the server,
just the agent side.

*I will release a v1.6.1 soon with the fixes for some of the reported
bugs so far.


Daniel B. Cid
dcid ( at ) ossec.net

Return to Tools

Who is online

Users browsing this forum: No registered users and 0 guests

Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software