
List:       prelude-announce
Subject:    [prelude-announce] [ANNOUNCE]: Prelude-LML 1.0.0 Release Candidate 2
From:       Yoann Vandoorselaere <yoann.v () prelude-technologies ! com>
Date:       2010-02-10 15:50:47
Message-ID: 1265817047.12309.52.camel () arwen

We are pleased to announce the availability of Prelude-LML 1.0.0rc2!

With this first release candidate, we hope to collect comments and bug
reports from the Prelude community in order to solve the remaining
problems with the current Prelude codebase to ensure a final 1.0 release
that is rock solid! We would like to encourage anyone who is willing and
able to spend some time on testing to find and report problems to the
Prelude developers.

The final 1.0.0 release is expected to be released in February.

Prelude-LML is a signature-based log analyzer monitoring log files and
received syslog messages for suspicious activity. It handles events
generated by a large set of components, including but not limited to:
BigIP, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nokia ipso,
Nagios, Norton Antivirus Corporate Edition, NTsyslog, PAM, Portsentry,
Postfix, Proftpd, ssh, etc.


------[ CHANGES ]------

* 2010-02-08, prelude-lml-1.0.0rc2:

- File notification improvement: some cases where file notification was
not working appropriately were fixed. Improve handling of file
deletion (optionally followed by file creation event).

- There were various cases where the previous code would mishandle the
metadata write/verification. All known issues are now fixed.

- There was no monitoring for standard input, everything was read once
upon start and further input was ignored.

- Fix possible truncation of dispatched log, when the string contained
multiple nul terminators. Fixes a regression of LML 1.0.0rc1.

- Statistics were missing for UDP server input.

- Minor events reporting improvement, and bug fixes.

- Improve large file handling.



* 2010-01-29, prelude-lml-1.0.0rc1:

- Support for character encoding and conversion to UTF-8. The user
can specify a different character encoding for each file.

- Automatic character set detection: if none is specified by the user,
the implementation will attempt to detect the character set used for a
given file. In case the detection fails, the system default will be
used.

- Log entries are now converted to UTF-8 before processing. This fixes a
problem where users could see incorrect characters in reported alerts,
since they were carrying data that could involve different character
sets.

- Include Snare ruleset, courtesy of Nicholas Nachefski
<nnachefski@gmail.com>.

- [ModSecurity]: Events generated were missing some AdditionalData
information.

- [NetFilters]: ruleset compatibility with Ulogd, various improvements.

- Various bug fixes.


------[ SUPPORT ]------

Improving Prelude is costly, but you can help! We are looking for
organizations that find Prelude useful and wish to contribute back.

Commercial support contracts for Prelude are available, and they help
finance continued maintenance. PreludeIDS Technologies, a privately held
company, is currently funding Prelude maintenance.


------[ DOWNLOAD ]------

http://www.prelude-ids.com/development/download/


------[ CHECKSUM ]------

MD5 : ff96e16c931b47ef3c3d2f06b18a6861
SHA1 : 9762149e44b9ae434ea7a1d84d6a7f2b025840b5
SHA256 : 9abc93da0b291833a5f6439d3907adac7185471758886c4e993d149fb29083ad


------[ OpenPGP key ]------

gpg --keyserver wwwkeys.pgp.net --recv-keys 0x23D2FAC3



-- 
Yoann Vandoorselaere | Directeur Technique/CTO | PreludeIDS Technologies
Tel: +33 (0)1 40 24 65 10                      Fax: +33 (0)1 40 24 65 28
http://www.prelude-technologies.com
