Threat Level: green Handler on Duty: Tom Webb

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

OSSEC 1.5 released

Published: 2008-05-07
Last Updated: 2008-05-07 14:51:16 UTC
by Jim Clausing (Version: 1)
0 comment(s)

Okay, so we're almost a week late in acknowledging that our friend, Daniel Cid has released the latest version of his OSSEC HIDS (with help from others listed in the announcement).  The new release adds a number of new logs that can be monitored, and some new features and performance improvements (particularly to the windows agent).  You can find the announcement at http://www.ossec.net/main/ossec-v15-released and you can download from here.  Our thanx to Daniel for continuing to develop one of my favorite tools.

---Jim

Keywords: HIDS OSSEC
0 comment(s)

More on automated exploit generation

Published: 2008-05-07
Last Updated: 2008-05-07 14:36:40 UTC
by Jim Clausing (Version: 1)
0 comment(s)

We've done a couple of stories resulting from the release of the APEG paper a couple of weeks ago, and this story is by no means an attempt to downplay the significance of the threat or suggest that you not employ the countermeasures discussed in previous stories.  That said, when I first heard about it, my thought was, that sounds like an interesting result, but the hype is over the top.  Yes, it is a significant result, but "the sky is not falling."  I happened across a post on Halvar Flake's blog that explains it better than I could, so take a look for yourself.

---Jim

0 comment(s)
Diary Archives