
News

Posted almost 11 years ago by [email protected] (Victor Julien)
The OISF community is pleased to announce the results of the election for the open board seats for 2014. This election cycle, we were fortunate to have had a wonderfully diverse and highly talented slate of nominees and would like to extend our thanks to those who participated. OISF depends heavily on its volunteer board of directors who are giving of their time and so deeply committed to advancing the open source technologies and communities within OISF.

Please join us in congratulating the OISF 2014 Board of Directors:

- Dr. Jose Nazario
- Richard Bejtlich
- Randy Caldejon
- Luca Deri
- Ken Steele
- Alexandre Dulaunoy

Also on the board are members of the OISF leadership team: Matt Jonkman and Kelley Misata.

We would also like to thank outgoing board members, Joel Ebrahimi and Stuart Wilson, for their service and time given to OISF in 2013.
Posted almost 11 years ago by [email protected] (Victor Julien)
The Open Information Security Foundation (OISF) is conducting its annual online elections to fill 6 open positions on the OISF board of directors. Board members serve a one year term, therefore, current board members along with new nominees are included on this year's ballot. For 2014, the OISF board will consist of 8 board members in total: 6 elected directors, President of OISF Matt Jonkman and Board Secretary and OISF Director of Outreach, Kelley Misata.

Each nominee has provided a brief summary highlighting their industry experience and their passion for OISF; please take a minute to read about each of our distinguished nominees and to cast your votes NOW!

Simply follow this link: https://www.surveymonkey.com/s/WFZRJSW

Polls will close Wednesday, January 22, 2014 with the 2014 OISF Board announced on Thursday, January 23, 2014. Questions regarding elections can be sent to [email protected]

Thank you,
The OISF Team
Posted about 11 years ago by [email protected] (Victor Julien)
The Open Information Security Foundation is preparing to hold the annual Board of Director elections and is putting out a call for nominations. We are anticipating 2014 to be one of the most important and exciting years for OISF and Suricata. Therefore, we are looking for candidates in the security and open source community willing to serve as advisors on our board of directors. The call for nominations begins today until January 14, 2014. Please consider joining our Board of Directors or nominating someone else who would be a great asset to the foundation. Online elections will begin January 15, 2014.

But you may be asking yourself a few important questions:

1. As a board member what will I be asked to do?

The OISF Board of Directors meets quarterly to review foundation activities, upcoming events, financial status and strategic objectives. Meetings are held via conference call and pre-scheduled to respect the busy schedules of our board members. Board members are also expected to actively provide expertise, advice and professional connections necessary to help OISF make great strides both technologically and financially.

2. How large is the OISF board?

The 2013 OISF board currently consisted of 5 members - Joel Ebrahimi, Jose Nazario, Richard Bejtlich, Matt Jonkman and Kelley Misata. It is a 1 year term, therefore, all board members are up for re-election each calendar year. For 2014 we are adding 2 additional seats - expanding to 7 members. This will allow all board members to have a voice on the strategic direction of OISF over the course of this very exciting year.

3. What is in it for me if I become an OISF board member?

As a board member you will have the opportunity to steer an innovative and cutting edge open source technology, to be an integral part of the decision making process for OISF and have a beneficiary priority status in all OISF and Suricata related public or private events. Board members will also be publicly thanked on the OISF website with professional details on the contacts pages.

4. I'm interested in nominating myself or someone I know - how do I do it?

It's simple - submit your name, employer and a brief statement outlining your experience and reasons for running to be on the OISF board to [email protected] by 5 pm EST Tuesday, January 14, 2014. Please note, the information provided in the nomination will be included on the election ballots so please be brief.

Elections will begin Wednesday, January 15th and conclude on Monday, January 24th. The 2014 OISF Board Members will then be announced on Tuesday, January 25th.

If you have any questions please do not hesitate to reach out to us directly at [email protected] OR reply to list to start a conversation with the community about this process.

Thank you,
The OISF Team
Posted about 11 years ago by [email protected] (Victor Julien)
The OISF development team is proud to announce Suricata 2.0beta2. This big update is the second beta release for the upcoming 2.0 version.

Some notable improvements are:

- This release overhauls the protocol detection feature. It now considers both sides of connection, and will raise events on mismatches.
- DNS parser and logger was much improved.
- Tilera support was greatly improved.
- Lots of performance and code quality improvements.

Get the new release here: http://www.openinfosecfoundation.org/download/suricata-2.0beta2.tar.gz

New features

- Feature #234: add option disable/enable individual app layer protocol inspection modules
- Feature #417: ip fragmentation time out feature in yaml
- Feature #478: XFF (X-Forwarded-For) support in Unified2
- Feature #602: availability for http.log output – identical to apache log format
- Feature #751: Add invalid packet counter
- Feature #813: VLAN flow support
- Feature #901: VLAN defrag support
- Feature #878: add storage api
- Feature #944: detect nic offloading
- Feature #956: Implement IPv6 reject
- Feature #983: Provide rule support for specifying icmpv4 and icmpv6
- Feature #1008: Optionally have http_uri buffer start with uri path for use in proxied environments
- Feature #1009: Yaml file inclusion support
- Feature #1032: profiling: per keyword stats

Improvements and Fixes

- Bug #463: Suricata not fire on http reply detect if request are not http
- Feature #986: set htp request and response size limits
- Bug #895: response: rst packet bug
- Feature #940: randomize http body chunks sizes
- Feature #904: store tx id when generating an alert
- Feature #752: Improve checksum detection algorithm
- Feature #746: Decoding API modification
- Optimization #1018: clean up counters api
- Bug #907: icmp_seq and icmp_id keywords broken with icmpv6 traffic
- Bug #967: threshold rule clobbers suppress rules
- Bug #968: unified2 not logging tagged packets
- Bug #995: tag keyword: tagging sessions per time is broken

Many more issues were fixed, please see: https://redmine.openinfosecfoundation.org/versions/51

Special thanks

We’d like to thank the following people and corporations for their contributions and feedback:

- Ken Steele — Tilera
- Jason Ish — Endace/Emulex
- Duarte Silva
- Giuseppe Longo
- Ignacio Sanchez
- Nelson Escobar — Myricom
- Chris Wakelin
- Emerging Threats
- Coverity
- Alessandro Guido
- Amin Latifi
- Darrell Enns
- Ignacio Sanchez
- Mark Ashley
- Paolo Dangeli
- rmkml
- Will Metcalf

Known issues & missing features

In a beta release like this things may not be as polished yet. So please handle with care. That said, if you encounter issues, please let us know! As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on. See issues for an up to date list and to report new issues. See Known_issues for a discussion and time line for the major issues.

About Suricata

Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.
Posted about 11 years ago by [email protected] (Victor Julien)
The OISF development team is pleased to announce Suricata 1.4.7. This is a small update over the 1.4.6 release.

Get the new release here: suricata-1.4.7.tar.gz

Fixes

- Bug #996: tag keyword: tagging sessions per time is broken
- Bug #1000: delayed detect inits thresholds before de_ctx
- Bug #1001: ip_rep loading problem with multiple values for a single ip
- Bug #1022: StreamTcpPseudoPacketSetupHeader : port swap logic isn’t consistent
- Bug #1047: detect-engine.profile – custom value parsing broken
- Bug #1063: rule ordering with multiple vars

Special thanks

- Duane Howard
- Mark Ashley
- Amin Latifi

Known issues & missing features

As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on. See issues for an up to date list and to report new issues. See Known_issues for a discussion and time line for the major issues.

About Suricata

Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.
Posted over 11 years ago by [email protected] (Victor Julien)
The OISF development team is pleased to announce Suricata 1.4.6. This is a small but important update over the 1.4.5 release, addressing some important issues.

Get the new release here: suricata-1.4.6.tar.gz

Fixes

- Bug 958: malformed SSL records leading to crash. Reported by Sebastian Roschke. CVE-2013-5919.
- Bug 971: AC pattern matcher out of bounds memory read.
- Bug 965: improve negated content handling. Reported by Will Metcalf.
- Bug 937: fix IPv6-in-IPv6 decoding.
- Bug 934: improve address parsing.
- Bug 969: fix unified2 not logging tagged packets.

Special thanks

- Sebastian Roschke
- Will Metcalf

Security

- CVE-2013-5919

Known issues & missing features

As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on. See issues for an up to date list and to report new issues. See Known_issues for a discussion and time line for the major issues.

About Suricata

Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.
Posted over 11 years ago by [email protected] (Victor Julien)
SURICATA Workshop & Certification Series
hack.lu (www.hack.lu), Luxembourg

Join us as we work to launch our first Suricata Workshop event – join us! During this day long event, your input will help to construct the prototype curriculum for the soon to be released Suricata Workshop Certification Series. A unique opportunity for both end users and developers.

The first half of the day will be a presentation of the curriculum framework, which is currently in development by the Suricata team. The second half of the day will be a hands-on technical workshop. Presenters will include Victor Julien, Matt Jonkman, Eric Leblond, Anoop Saldanha and other members of the OISF/Suricata team.

Further details will be sent out within the next few weeks. Questions? Feel free to reach out to us at [email protected].
Posted over 11 years ago by [email protected] (Victor Julien)
The OISF development team is pleased to announce Suricata 1.4.5. This is a small but important update over the 1.4.4 release, fixing some important bugs.

Get the new release here: suricata-1.4.5.tar.gz

Fixes

- Bug #908: ipv6 extension header parsing issue causing Suricata to hang
- Bug #906: icmp_seq and icmp_id keyword with icmpv6 traffic FP & FN

Special thanks

- Prabhakaran Kasinathan

Known issues & missing features

As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on. See issues for an up to date list and to report new issues. See Known_issues for a discussion and time line for the major issues.

About Suricata

Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.
Posted over 11 years ago by [email protected] (Victor Julien)
The OISF development team is proud to announce Suricata 2.0beta1. This is the first beta release for the upcoming 2.0 version.

This release greatly improved our HTTP handling by upgrading libhtp support to 0.5.4 and by redesigning transaction handling, which increases HTTP performance as well[1]. On the performance side, a large CUDA overhaul greatly improves our GPU performance[2]. Also new in this release is a DNS parser, logger and detection support.

Get the new release here: http://www.openinfosecfoundation.org/download/suricata-2.0beta1.tar.gz

[1] http://www.poona.me/2013/05/suricata-transaction-engine-re-designed.html#performance
[2] http://www.poona.me/2013/06/suricata-cuda-engine-re-designed.html#performance

New features

- Luajit flow vars and flow ints support (#593)
- DNS parser, logger and keyword support (#792), funded by Emerging Threats
- deflate support for HTTP response bodies (#470, #775)

Improvements

- update to libhtp 0.5 (#775)
- improved gzip support for HTTP response bodies (#470, #775)
- redesigned transaction handling, improving both accuracy and performance (#753)
- redesigned CUDA support (#729)
- Be sure to always apply verdict to NFQ packet (#769)
- stream engine: SACK allocs should adhere to memcap (#794)
- stream: deal with multiple different SYN/ACK’s better (#796)
- stream: Randomize stream chunk size for raw stream inspection (#804)
- Introduce per stream thread ssn pool (#519)
- “pass” IP-only rules should bypass detection engine after matching (#718)
- Generate error if bpf is used in IPS mode (#777)
- Add support for batch verdicts in NFQ, thanks to Florian Westphal
- Update Doxygen config, thanks to Phil Schroeder
- Improve libnss detection, thanks to Christian Kreibich

Fixes

- Fix a FP on rules looking for port 0 and fragments (#847), thanks to Rmkml
- OS X unix socket build fixed (#830)
- bytetest, bytejump and byteextract negative offset failure (#827)
- Fix fast.log formatting issues (#771), thanks to Rmkml
- Invalidate negative depth (#774), thanks to Rmkml
- Fixed accuracy issues with relative pcre matching (#791)
- Fix deadlock in flowvar capture code (#802)
- Improved accuracy of file_data keyword (#817)
- Fix af-packet ips mode rule processing bug (#819), thanks to Laszlo Madarassy
- stream: fix injecting pseudo packet too soon leading to FP (#883), thanks to Francis Trudeau

Special thanks

We’d like to thank the following people and corporations for their contributions and feedback:

- Rmkml
- Laszlo Madarassy
- Ken Steele, Tilera
- Florian Westphal
- Christian Kreibich
- Francis Trudeau
- Phil Schroeder
- Ivan Ristic
- Emerging Threats
- Coverity

Known issues & missing features

In a beta release like this things may not be as polished yet. So please handle with care. That said, if you encounter issues, please let us know! As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on. See issues for an up to date list and to report new issues. See Known_issues for a discussion and time line for the major issues.

About Suricata

Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.
Posted over 11 years ago by [email protected] (Victor Julien)
The OISF development team is pleased to announce Suricata 1.4.4. This is a small but important update over the 1.4.3 release, fixing some important bugs.

Get the new release here: suricata-1.4.4.tar.gz

Fixes

- Bug #834: Unix socket – showing as compiled when it is not desired to do so
- Bug #841: configure --enable-unix-socket does not err out if libs/pkgs are not present
- Bug #846: FP on IP frag and sig using udp port 0, thanks to Rmkml
- Bug #864: fix pass action not working correctly in all cases, thanks Kevin Branch
- Bug #876: http connect tunnel crash fixed
- Bug #877: Flowbit check with content doesn’t match consistently, thanks to Francis Trudeau

Special thanks

- Rmkml
- Francis Trudeau
- Kevin Branch

Known issues & missing features

As always, we are doing our best to make you aware of continuing development and items within the engine that are not yet complete or optimal. With this in mind, please notice the list we have included of known items we are working on. See issues for an up to date list and to report new issues. See Known_issues for a discussion and time line for the major issues.

About Suricata

Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.