Difference between revisions of "ASL Release Schedule"

From Atomicorp Wiki
Jump to: navigation, search
m (Future Features)
Line 1: Line 1:
== Current Release is: 2.0 RC2 ==
+
== Current Release is: 2.0 RC3 ==
  
  
Line 6: Line 6:
  
  
Target Date: 1JUN08
+
Target Date: 23JUN08
  
  
 
== Tasks in progress ==
 
== Tasks in progress ==
 +
 +
1) Mysql support for the alert engine:
 +
 +
  - Get mysql configuration Logic into the ossec and configuration modules
 +
  - Web interface chages
 +
    - Support Mysql
 +
    - Also support reading files (current system)
 +
    - Add in basic search capabilities
 +
    - (option) Add in archiving events (for mass storage)
 +
 +
2) Update to mod_security 2.5.5
 +
 +
3) Extend clamav support to cover email
 +
 
 +
  - Create basic configuration interface for Plesk (PSA will be a dependency)
 +
 
 +
 +
 +
== 2.0RC3 Tasks (Completed) ==
 
The following lists the targets for the next release date. This does list does not always indicate bug fixes.  
 
The following lists the targets for the next release date. This does list does not always indicate bug fixes.  
  
Line 18: Line 37:
 
   - Optimizing the blocklist displays
 
   - Optimizing the blocklist displays
  
2) Kernel update to 2.6.24.7
+
2) Kernel update to 2.6.24.7 (Note: 2.6.25.4 was the final version)
 
   - Investigating SMP, and Cisco PIX bugs
 
   - Investigating SMP, and Cisco PIX bugs
   - OpenVZ / Virtuozzo support
+
   - OpenVZ / Virtuozzo support (Note: This was bumped to a later date. It could not be done with 2.6.25.4)
  
==Future Features==
+
 
 +
== Feature Candidates==
  
 
AtomiCommunity - RBL/Reputation based system to share/use attack/spammer data with ASL community.   
 
AtomiCommunity - RBL/Reputation based system to share/use attack/spammer data with ASL community.   
  
 
AtomiRBL - Local RBL functionality - to share attack data with trusted nodes (Your boxes basically)
 
AtomiRBL - Local RBL functionality - to share attack data with trusted nodes (Your boxes basically)
 +
 +
suphp support, this would include some kind of graphical integration with plesk
 +
 +
Add vendor updates to vulnerability checks (ie, did you update your box?). This is a major expansion to the vulnerability checks on the system. Orders of magnitude larger
 +
 +
Enterprise Auditing Shell support. This tracks commands from shell accounts and allows you to replay what happened. Kind of like a tivo.
 +
 +
Expand Active Response blocklist to collect the specific attack event, instead of just the OSSEC rule ID.
 +
 +
Standalone ASL web interface, that does not require plesk. As a bonus, this feature would allow us to password protect the ASL gui in plesk as well.
 +
 +
Firewall gui

Revision as of 09:53, 9 June 2008

Contents

Current Release is: 2.0 RC3

Next Release is: 2.0

Target Date: 23JUN08


Tasks in progress

1) Mysql support for the alert engine:

 - Get mysql configuration Logic into the ossec and configuration modules
 - Web interface chages
   - Support Mysql
   - Also support reading files (current system)
   - Add in basic search capabilities
   - (option) Add in archiving events (for mass storage)

2) Update to mod_security 2.5.5

3) Extend clamav support to cover email

 - Create basic configuration interface for Plesk (PSA will be a dependency)
 


2.0RC3 Tasks (Completed)

The following lists the targets for the next release date. This does list does not always indicate bug fixes.

1) OSSEC 1.5 integration:

 - Integrating its new features (asterisk support, client management, etc)
 - Optimizing the whitelist/blacklist/geoblocking
 - Optimizing the blocklist displays

2) Kernel update to 2.6.24.7 (Note: 2.6.25.4 was the final version)

 - Investigating SMP, and Cisco PIX bugs
 - OpenVZ / Virtuozzo support (Note: This was bumped to a later date. It could not be done with 2.6.25.4)


Feature Candidates

AtomiCommunity - RBL/Reputation based system to share/use attack/spammer data with ASL community.

AtomiRBL - Local RBL functionality - to share attack data with trusted nodes (Your boxes basically)

suphp support, this would include some kind of graphical integration with plesk

Add vendor updates to vulnerability checks (ie, did you update your box?). This is a major expansion to the vulnerability checks on the system. Orders of magnitude larger

Enterprise Auditing Shell support. This tracks commands from shell accounts and allows you to replay what happened. Kind of like a tivo.

Expand Active Response blocklist to collect the specific attack event, instead of just the OSSEC rule ID.

Standalone ASL web interface, that does not require plesk. As a bonus, this feature would allow us to password protect the ASL gui in plesk as well.

Firewall gui

Personal tools