DK 'Log

Yay ! we're proud to announce that ossim has been chosen to take part int he google summer of code program. Brian, now it's your turn ;-).
I'll post another entry when we've got more information about how this works.

Congratulations!
Your organization "OSSIM: Open Source Security Information Management" has been accepted in to the 
Google Summer of Code(tm) 2008. You have been assigned as primary point of contact and as an 
administrator for your organization.
please visit http://code.google.com/soc/mentor_step1.html and sign up using your Google Account.
Thanks.
- Your friendly Google Summer of Code administrators

Remember the couple of posts I made back in November in the tuning section ? Well, I finally got the time to look into this issue again and have made some interesting discoveries the last couple of days. I'm really enjoying this.

The following table illustrates some comparisons between a stock Base 1.3.9 (ossim patched) and the tuned rewrite I've got running right now. These optimizations are now part of our appliance offering (updates for already deployed ones on the way) and will be released to the public afterwards. Thanks to everybody that has been helping me on this, specially to the people at #ossim in freenode ;-).

A couple of days ago I was fixing the fortinet/fortigate with the kind help of a Swiss OSSIM user (thanks Mikael ;-) ) and I wrote this little piece of python in order to help me out with it. Now I'm using it a lot to debug plugins so I guess more people could benefit from this also :-)
And well, I'll paste a sample plugin debugging session in order to give ideas.
BTW, this assumes basic knowledge of regular expressions, check this Regexp Primer out if you want to refresh that knowledge. And BTW2, some log lines are broken for readability.

We just switched offices, the old one was getting too small. Here is a picture where we're still setting up everything, taken from my seat holding up the pc, showing various AlienVault staff testing wifi, hanging around or just tryting to avoid the hard work :-)

I wanted to point you at two things I think that are important, things that we've been neglecting in the past months.

1. IRC Channel: we've ignored this way of communication for quite some time but enough of that, I added a "fire up BitchX" postit on my desk so from now on I'll spend as much time there as I can, and hopefully other ossim users / developers too. See you at irc.freenode.org, channel #ossim
2. Bug tracking mechanism: honestly, I never liked the one provided by sf.net so I followed a suggestion from a friendly guy at #ossim and installed FlySpray as a bug tracking system. Check it out at http://www.ossim.net/bugs/ (Need to add the virtualhost for bugs.ossim.net :-) ).