ASL Release Schedule
Contents |
Current Release is: 2.0
Next Release is: 2.0.1
Target Date: 23JUN08
Tasks in progress
1) Mysql support for the alert engine:
- Get mysql configuration Logic into the ossec and configuration modules - Web interface chages - Support Mysql - Also support reading files (current system) - Add in basic search capabilities - (option) Add in archiving events (for mass storage)
2) Update to mod_security 2.5.5
3) Extend clamav support to cover email
- Create basic configuration interface for Plesk (PSA will be a dependency)
2.0RC3 Tasks (Completed)
The following lists the targets for the next release date. This does list does not always indicate bug fixes.
1) OSSEC 1.5 integration:
- Integrating its new features (asterisk support, client management, etc) - Optimizing the whitelist/blacklist/geoblocking - Optimizing the blocklist displays
2) Kernel update to 2.6.24.7 (Note: 2.6.25.4 was the final version)
- Investigating SMP, and Cisco PIX bugs - OpenVZ / Virtuozzo support (Note: This was bumped to a later date. It could not be done with 2.6.25.4)
Feature Candidates
AtomiCommunity - RBL/Reputation based system to share/use attack/spammer data with ASL community.
AtomiRBL - Local RBL functionality - to share attack data with trusted nodes (Your boxes basically)
suphp support, this would include some kind of graphical integration with plesk
Add vendor updates to vulnerability checks (ie, did you update your box?). This is a major expansion to the vulnerability checks on the system. Orders of magnitude larger
Enterprise Auditing Shell support. This tracks commands from shell accounts and allows you to replay what happened. Kind of like a tivo.
Expand Active Response blocklist to collect the specific attack event, instead of just the OSSEC rule ID.
Standalone ASL web interface, that does not require plesk. As a bonus, this feature would allow us to password protect the ASL gui in plesk as well.
Firewall gui