May 2, 2009 | Dominique Karg

New Instaler beta: 1.2beta6

I’m happy to announce the availability of the next beta, AV Installer beta6 http://data.alienvault.com/ossim-installer_1.2.beta6.iso [no longer available]. (md5: 21204ecf2949a1d9ac9838b3c694b72d.Again, thanks a ton to everybody testing the betas and reporting bugs / improvements, with your help this is already the best release that’s been…

April 3, 2009 | Dominique Karg

Here comes another beta, beta #5

Just uploaded a new AlienVault OSSIM installer beta, Beta 5 http://data.alienvault.com/ossim-installer_1.2.beta5.iso [No longer available]. As always, thanks a ton to everybody helping out on testing. Besides Anton, Greg, Kristian and Stephan there are many others helping, both on forums or anonymously (found some old friend’s domain names in the apache log for update…

Get the latest security news in your inbox.

Subscribe via Email

March 27, 2009 | Dominique Karg

How to make good friends

I just wanted to share a quick mail we’ve received tonight at AlienVault. I’m hiding the user’s identity until he grants me permission to disclose it, which I doubt he’ll do btw.The mail did read as following:Subject: Port scan from you guys to my server from 207.158.15.208. Cease and desist.I installed your ossim product…

March 19, 2009 | Dominique Karg

Installer 1.2 beta3 available

And another quick post. New beta is out, thanks a ton to everybody reporting bugs. This time there aren’t big change, but a ton of small glitches have been fixed. Grab it here http://data.alienvault.com/ossim-installer_1.2.beta3.iso [No longer available]. As the last time, updates will focus on a beta3 base although they should work…

March 17, 2009 | Dominique Karg

Tutorial 8: OSSIM + JasperServer + iReport Tutorial

This eighth installment of the tutorial series will focus on a feature which will be revolutionary for OSSIM for sure: tight jasperserver integration for custom/periodic reports with the guarantee of a strong BI suite. The upcoming installer release will include both Tomcat as well as JasperServer ready to use and with sample preloaded reports and datasources. (Note: Installer beta2…

March 10, 2009 | Jaime Blasco

Ossim: Shellcode Detection and Analysis

I’m glad to announce a new feature we have added to forensic console. We use libemu to make shellcode detection and analysis to help on forensic analysis and reduce false positives, an example: …

March 7, 2009 | Dominique Karg

Installer 1.2 beta2 available

Just a quick notice about beta2 being out. Tons of bugs have been this weeks, cheers to everybody helping. Updates for the upcoming week should apply to both but will be focused on beta2 "http://data.alienvault.com/ossim-installer_1.2.beta2.iso [No longer available].Among the fixes, there are:Forensics panel visual and functionality fixes. New auto-update notification. When enabled…

February 28, 2009 | Dominique Karg

Upcoming Installer testing version 1.2beta1

I’m proud to announce the availability of the first public testing release of the upcoming installer. We’re in final stages of testing now, and tho there are still known issues it’s time to get community feedback on it. Many many thanks to anybody willing to help test this iso. Please keep in mind that…

February 3, 2009 | Jaime Blasco

New Directives

I’ve just update the public CVS with some new directives as part of the effort we are doing to improve the upcoming installer:Attacks:Possible Successful Attack: Reverse Shell Access to the SystemPossible POP3 Bruteforce against SRC_IPPossible FTP Bruteforce against SRC_IPCommand execution against webserver on DST_IPFile /etc/passwd access on DST_IP …

January 3, 2009 | Jaime Blasco

25C3: Fake CA Certificates

A security research team has demostrated how to use MD5 collision to create a rogue Certificate Authority certificatewith a cluster of 200 ps3s!!You can find all the information hereThe attack take advantage of a weakness in the MD5 cryptographic hash function that allows the construction of different messageswith the same MD5 hash and affects CAs that…

October 15, 2008 | Jaime Blasco

Microsoft Exploitability Index

Microsoft has just added a new index to new security bulletins to provide additional information about the potential exploitability of vulnerabilities associated with a Microsoft security update.The index classify each vulnerability with the Exploitability Index Assessment that indicate the likelihood of functioning exploit code, the three possible values are:- 1 Consistent exploit code likely- 2 Inconsistent exploit code likely…

October 15, 2008 | Dominique Karg

Tutorial 7: Feature highlight / pre-tutorial on Risk Maps

IntroductionToday I would to share something interesting we’re working on: Risk/Availability/Vulnerability indicator Maps.The purpose was to fit the most important information that can be gained from ossim all over it’s interface, into a simple to use, simple to manage and simple to analyze interface.We already had an approach to both, to…

Watch a Demo ›
GET PRICE FREE TRIAL