store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Sun Aug 25, 2019 9:20 pm

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 6 posts ] 
Author Message
 Post subject: OSSEC 2.9.2 Released!
Unread postPosted: Wed Aug 09, 2017 7:21 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 8329
Location: earth
https://github.com/ossec/ossec-hids/releases/tag/2.9.2

Changelog

Release Maintainers

Dan Parriott
Scott R. Shinn (Atomicorp, Inc.)

Whats New

New Rules / Decoders (Leo Feyer)
OpenBDS decoder
Exim decoder
Dovecot Rules
Exim Rules
Chrome remote Desktop Rules (Kevin Branch)
Netscreen Firewall Rules
OpenBSD rules

Updated Rules / Decoders (Leo Feyer)
ssh decoder
dropbear decoder
su decoder
vsftpd decoder
dovecot decoder
postfix decoder
pix decoder
apache decoder
windows decoder
Dovecot Rules
SSHd Rules
Syslog Rules


Top
 Profile  
Reply with quote  
 Post subject: Re: OSSEC 2.9.2 Released!
Unread postPosted: Tue Aug 15, 2017 8:02 pm 
Offline
Forum User
Forum User

Joined: Thu Dec 01, 2016 4:46 am
Posts: 5
Location: Sydney
Hi,

I downloaded the latest ossec-hids 2.9.2 for CentOS 7 and after configuring it didn't work out of the box.

There's syntax errors in /var/ossec/etc/ossec.conf on these lines:

<system_audit>/var/ossec/etc/shared/cis_rhel5_linux_rcl.txt</system_audit>
<system_audit>/var/ossec/etc/shared/cis_rhel6_linux_rcl.txt</system_audit>
<system_audit>/var/ossec/etc/shared/cis_rhel7_linux_rcl.txt</system_audit>

ie. I had to change the three lines above to "/system_audit" as they were misspelled and stopped the agent from starting up due to the syntax errors.


Top
 Profile  
Reply with quote  
 Post subject: Re: OSSEC 2.9.2 Released!
Unread postPosted: Mon Aug 21, 2017 5:46 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 8329
Location: earth
Thanks for the report, we should have an update out for this one soon!


Top
 Profile  
Reply with quote  
 Post subject: Re: OSSEC 2.9.2 Released!
Unread postPosted: Sun Oct 08, 2017 6:00 pm 
Offline
New Forum User
New Forum User

Joined: Sun Oct 08, 2017 5:49 pm
Posts: 1
Location: Novato
The el6 versions of the ossec-* rpms are not being seen by createrepo (el7 is ok).

The el6 hosts won't update to 2.9.2 from 2.9.0 via yum from a local yum repo with the ossec-* rpms.

I'll admit that I cannot quite figure out why.

Is there possibly a problem with the way the rpms have been built?

Brian


Top
 Profile  
Reply with quote  
 Post subject: Re: OSSEC 2.9.2 Released!
Unread postPosted: Tue Oct 10, 2017 7:40 am 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 8329
Location: earth
Could be an epoch tag that slipped in on an older version. I seem to recall that happened when some branch packages were published for a day or so to the repo.


Top
 Profile  
Reply with quote  
 Post subject: Re: OSSEC 2.9.2 Released!
Unread postPosted: Tue Oct 31, 2017 2:19 pm 
Offline
New Forum User
New Forum User

Joined: Tue Oct 31, 2017 2:06 pm
Posts: 1
Location: NY
Hi Scott,

I am having trouble updating with ossec-hids-server_2.9.2-2154xenial_amd64.deb

root@OSSEC-Server:~# dpkg -i ossec-hids-server_2.9.2-2154xenial_amd64.deb
(Reading database ... 110592 files and directories currently installed.)
Preparing to unpack ossec-hids-server_2.9.2-2154xenial_amd64.deb ...
Unpacking ossec-hids-server (2.9.2-2154xenial) ...
dpkg: error processing archive ossec-hids-server_2.9.2-2154xenial_amd64.deb (--install):
trying to overwrite '/var/ossec/rules/vsftpd_rules.xml', which is also in package ossec-hids 2.8.3-4trusty
dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
Errors were encountered while processing:
ossec-hids-server_2.9.2-2154xenial_amd64.deb

Thanks.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 6 posts ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group