I was thinking that the next big GUI addition would be an interface down at the client/domain level that would just show alerts relevant to them. Just to keep everyone in the loop ( I think I'll start putting this in a developers blog or something) over the next week or so:
1) OSSEC 1.5 integration:
- Integrating its new features (asterisk support, client management, etc)
- Optimizing the whitelist/blacklist/geoblocking
- Optimizing the blocklist displays
2) Kernel update to 2.6.24.7
- Investigating SMP, and Cisco PIX bugs
- OpenVZ / Virtuozzo support
Ive started a rough wiki page here:
http://www.atomicorp.com/wiki/index.php ... e_Schedule
Geoblocking "Select All" Button Request
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Thats a great idea, I just added it to the features list.I'd also like to add a widget graph on my biz website like "ASL Protected" with some graph of all the bad stuff blocked might be good advertisement for both you and me. This wishing stuff is easy!
That sounds like a good idea as well. I imagine we could make it optional what you want to show, ASL Protected vs. 100% Secure or something depending on what you want to expose.I like this, I added the ART logo in my Plesk headers already Smile maybe you can use the system of scanalert.com (HackerSafe) if you are 100% hackerSafe you get this in your logo, if there is a vulnerability is shows to
Love the ideas!
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone
Exactly maybe you can also add the PCI compliance in the Logo if ASL is 100% is does not mean you meet PCI?, If I read the PCI rules on ScanAlert you also need a Hardware Firewall with IPS and you system needs to be scanned every day. I do not know the rules about DNS but I think they want you to run it externally, so this should be checked as well. The logo should be generated from the ASL software so that it becomes impossible for a none ASL users to copy the logo and use it incorrectly. To implement this system there also should be an audit for the rules, this would be hand work so this cost time. Example: the Trace vulnerability in Apache 2 on CentOS4. It is not possible to shut this of so ASL reports a vulnerability however ASL has also a fix so you’re a safe. Then you should be able to remove the vulnerability so ASL will be 100% again.I imagine we could make it optional what you want to show, ASL Protected vs. 100% Secure or something depending on what you want to expose.