DK 'Log

I wanted to share this news entry with everybody visiting this site. This has very little to do with OSSIM or AlienVault and of course this is my own opinion, not necessarily shared by them.

A week ago I had read a sad sentence convicting those who're running the Pirate Bay torrent tracking site. Now I'm pleased to see that not everybody has sold their soul to what's "supposed to be politcally correct": Telenor, the norwegian ISP hosting the pirate bay have told the copyright lawyers to shove their demands where Long John Silver couldn't see 'em even with his good eye and a very long spyglass.

My sincere admiration (both to TPB admins and Telenor), I'm pre-ordering my support t-shirt right now :-)

More information here.

Just uploaded a new AlienVault OSSIM installer beta, Beta 5. As always, thanks a ton to everybody helping out on testing. Besides Anton, Greg, Kristian and Stephan there are many others helping, both on forums or anonymously (found some old friend's domain names in the apache log for update checks, greets to Turkiye and France ;-))

As to the actual release:
Jasperserver got updated to 3.5 (Gannt charts, finally), many bugs have been fixed, some new directives, new snort packages, new misc tools and many more. Sensor and server profiles have been updated too, as well as monit scripts and database.

I expect three more betas, which would mean around three more testing weeks. There are some key features that still need some throughout testing:

- Distributed deployment.
- Jasper tuning and sample reports.
- New policy interface (beta6).

There are two factors which we can't control but which would make this release perfect:

- Lenny OpenVAS packages.
- MySQL 5.1 making it into lenny stable.

I've already done some testing with partitions in the new mysql and the results are astonishing. Arcsight here we come :P

If you want bug Norbert Tretkowski and the guys at OpenVAS to hurry up. (Just kidding, they're all doing a great job :-))

Just a last notice: next week there will be a slowdown on updates/fixes, it's holidays around here and I'm taking a couple of days off with my lovely girlfriend. We'll be heading to the beach so while she enjoys the sun I'll be able to code towards this next relelase :D.

I just became a proud Certified ASS, that is, Certified Application Security Specialist (don't think wrong). Just check the official badge on the right :-)

To all those collecting CISAs, CISSPs, CISMs and so on, I whole-heartedly encourage you to also become an ASS. Become an ASS today, quoting the foundation's site:

• 1. No need to study - Candidates use our exclusive certification process to prove their Stated History of Individual Training via self-validation, which reflects their real-world experiences.
• 2. No need to take exams - After self validation, candidates agree to the Oath of Office and Code of Ethics. This process ensures only the most experienced ASS achieve certified status, without the need for a test.
• 3. Lowest Cost - There is no cost to become a Certified ASS! While many candidates have long been considered ASS's, they can now validate that claim with true certification at no cost.
• 4. Reflects the real world of security - By eliminating costly training programs and standardized tests, the Institute created a process that matches the standard management, processes for enterprise application security, and consistent with today's industry best-practices.

• 1. No need to pay for costly employee training.
• 2. Be assured that you only employ the highest quality ASS's.
• 3. Guarantee compliance with all regulations and industry standards.