cipherdyne.org

Michael Rash, Security Researcher



Software Release - psad-1.4.1

The 1.4.1 release of psad is ready for download. Here is an excerpt from the ChangeLog:
  • Updated to Snort-2.3 rules in the snort_rules directory.
  • Re-worked syslog installation portion of install.pl. The user will always be prompted to enter the syslog daemon now, and also added the --syslog-conf arg to allow the config file path to be specified on the install.pl command line.
  • Bugfix in install.pl for using IP address instead of network address of directly connected subnets.
  • Updated to version 4.6.23 of the whois client.
  • Bugfix for distinguishing OPT field associated with --log-tcp-options vs. --log-ip-options.
  • Bugfix for syslog format that may not include the "kernel:" tag.
  • Applied patch to only install perl modules that are not already installed (Blair Zajac).
  • Bugfix for the psad version number that is sent in DShield alerts.
  • Updated Psad module directory structure to be consistent with current versions of perl (5.8.x).