
List:       prelude-announce
Subject:    [prelude-announce]  [ANNOUNCE]: prelude-lml 0.9.15
From:       Yoann Vandoorselaere <yoann.v () prelude-ids ! com>
Date:       2009-07-16 13:57:18
Message-ID: 1247752639.8088.17.camel () arwen

We are pleased to announce the availability of Prelude-LML 0.9.15.

Prelude-LML is a signature-based log analyzer monitoring log files and
received syslog messages for suspicious activity. It handles events
generated by a large set of components, including but not limited to:
BigIP, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nokia ipso,
Nagios, Norton Antivirus Corporate Edition, NTsyslog, PAM, Portsentry,
Postfix, Proftpd, ssh, etc.


------[ CHANGES ]------

- Make the Prelude-LML UDP server IPv6 compatible.

- Implement 'idmef-alter' and 'idmef-alter-force' options, allowing
to include static values into IDMEF events generated using a given
format.

- New PPP/PPTPD/L2TP ruleset, by Alexander Afonyashin <firm@iname.com>,
with slight modification from Pierre Chifflier <p.chifflier@inl.fr>.
Close #340.

- Fix CISCO VPN ruleset so that the 'Authentication rejected' rule will
trigger even if the 'server' field does not contain a word (fix #328).

- Remove dos-style end-of-lines (Closes #338)

- Fixes possible off-by-one when parsing variable reference number, and
remove un-needed check that would always evaluate to TRUE. Thanks
Steve Grubb <sgrubb@redhat.com> for reporting this problem (and
running flexelint on the Prelude sources)!

- Update for libtool 2.x compatibility.

- This simplifies the whole regular expression handling a lot, making the
code much easier to read, and fixing potential problem with ovector
assignment. This code should also improve performance by a small
factor.

- Change CISCO reference URLs to their new location, add CISCO ASA rule
to handle discarded TCP or UDP packets.

- Various fixes and updates.


------[ SUPPORT ] ------

Improving Prelude is costly, but you can help! We are looking for
organizations that find Prelude useful and wish to contribute back.

Commercial support contracts for Prelude are available, and they help
finance continued maintenance. PreludeIDS Technologies, a privately held
company, is currently funding Prelude maintenance.


------[ DOWNLOAD ]------

http://www.prelude-ids.com/development/download/


------[ CHECKSUM ]------

MD5    : 7a2921fa737df2605f739ce734c14c2c
SHA1   : 96f2f0d029dd75ca047bc0839f14418ddc1b5975
SHA256 : b326bbbff3f0873a79e26067a08cc4f77fcccffae99c86c497798b4b0e145d26


------[ OpenPGP key ]------

gpg --keyserver wwwkeys.pgp.net --recv-keys 0x23D2FAC3


-- 
Yoann Vandoorselaere | Directeur Technique/CTO | PreludeIDS Technologies
Tel: +33 (0)8 70 70 21 58                       Fax: +33(0)4 78 42 21 58
http://www.prelude-ids.com


_______________________________________________
Prelude-announce mailing list
Prelude-announce@prelude-ids.org
http://lists.prelude-ids.org/mailman/listinfo/prelude-announce
