Thread: [Secureideas-base-devel] Next release
Brought to you by:
secureideas,
sinukas
From: Kevin J. <kjo...@se...> - 2004-11-20 20:52:39
|
Hi Everyone, I would like to get some opinions here so that we can do what is right.=20 As of right now, I have planned to get the 1.0 release out by Monday.=20 There has been some differing opinions. Right now we have quite a few of the languages done and more coming. We have also added the portscan patch, finished the user authentication and added the setup program.=20 Along with a NUMBER of minor changes. What I want to know is if everyone is comfortable with a release on Sunday night or would you all rather we wait till the end of the week. The reasons put forward for the wait mainly revolve around finishing the web site and getting some bugs fixed. As for me, I am ok with either answer. If we release this weekend, I am ready to package it and go. If we wait until next week, I can finish some clean up and maybe add some features like the role administration for pages and more of the pdf stuff maybe. This might also give you all time to finish up some stuff. I would appreciate it if everyone would give some feedback. Thanks Kevin |
From: Kevin J. <kjo...@se...> - 2005-02-12 14:15:44
|
Hi everyone, We have gotten a lot of work done since the last release, thanks Tim and Joel. Because of this and that some of the fixes are significantly needed, i.e. the speed increase for mysql, I think that we should target Monday for the next release. We can get as much done as possible today and tomorrow. I will then build the release Sunday night and send it out for people to get to Monday morning. Feedback? Kevin |
From: Kevin J. <kjo...@se...> - 2006-07-19 00:59:19
|
Hi all, I would like to get 1.2.6 released this weekend. We have a number of little issues fixed, but the biggest one is the fix to match the docs by Patrick Harper. Any ideas or comments before I do this? Kevin --------------------- GCIA, GCIH, CEH BASE Project Lead http://base.secureideas.net The next step in IDS analysis! |
From: Kevin J. <ke...@in...> - 2009-08-07 00:51:16
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi everyone, Could we start prepping for the next release? We have a number of fixes in CVS and I would like to push them to release status. Any thing you guys want in before 1.4.4 goes out? Thanks Kevin Kevin Johnson Senior Security Analyst InGuardians, Inc. office: 202.448.8958 cell: 904.403.8024 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) iEYEARECAAYFAkp7enAACgkQGDcWptZ2zmQ2eACfXrEINzSZ1UEfn/lDcq+1khHt S9sAni5OaEDp3agdX3D576L1LHvNGzp5 =GA7P -----END PGP SIGNATURE----- |
From: Juergen L. <jue...@gm...> - 2009-08-08 22:22:52
|
On Thu, Aug 06, 2009 at 08:50:55PM -0400, Kevin Johnson wrote: > Could we start prepping for the next release? We have a number of > fixes in CVS and I would like to push them to release status. (...) Hello, rpm packages can be found at http://boonce.org/up/8359_base-1.4.4_rpms.tar.gz md5sum 8359_base-1.4.4_rpms.tar.gz 628f13e9c893138da0ecbc9bef3b002e 8359_base-1.4.4_rpms.tar.gz sha1sum 8359_base-1.4.4_rpms.tar.gz 4cafd6fc2bfc26f7456e9bea5ed4aad85d41a411 8359_base-1.4.4_rpms.tar.gz sha256sum 8359_base-1.4.4_rpms.tar.gz 5bb4dbc164acccf7b04230a82ebf199e02def459568922e9ee1b356d6121073f 8359_base-1.4.4_rpms.tar.gz Bye, bye Juergen |
From: Juergen L. <jue...@gm...> - 2009-08-10 20:36:04
|
On Sun, Aug 09, 2009 at 12:22:36AM +0200, Juergen Leising wrote: > On Thu, Aug 06, 2009 at 08:50:55PM -0400, Kevin Johnson wrote: > > > Could we start prepping for the next release? We have a number of > > fixes in CVS and I would like to push them to release status. > (...) > > Hello, > > rpm packages can be found at > > http://boonce.org/up/8359_base-1.4.4_rpms.tar.gz These base-1.4.4-1 rpms do NOT include the last commit to CVS regarding base-php4/base_local_rules.php from Aug, 7th, yet. This means: 1. I must rebuild the rpms. Which is not a problem. 2. The actual problem is, that this XSS flaw fix broke the feature implemented by base_local_rules.php completely. The idea was to present a URL to the local snort rules, so that the user can have a look at how exactly is a specific rule phrased. As opposed to the descriptions of what a rule is all about in the "signatures" directory and the link "[local]". This was a feature request by Chris Ryan, cf. https://sourceforge.net/forum/message.php?msg_id=5310420 https://sourceforge.net/forum/message.php?msg_id=5311517 It is quite clear, that such a link is not a good idea from the security viewpoint. The web server must be configured to look into a directory outside of its document root. And does an admin really want his web server to enter /etc/snort/rules out of all possible directories? Most probably not. So there are two possibilities: a) The whole feature is being removed from BASE, the base_local_rules.php deleted. b) Or the local_rules_dir is implemented in a way similar to the local "signatures" subdirectory (with the link "[local]"). This would require a second subdirectory, say, "rules" in the base directory of the user (not in CVS, however). Bye, bye Juergen |
From: Juergen L. <jue...@gm...> - 2009-08-14 20:10:32
|
Hello, The upload sites that I usually use are suddenly not available, any more. And I haven't found any proper and serious alternative, yet (free, no registration, direct link and no obviously illegal haven). So someone else build the rpm's, please. rpmbuild -ba base.spec rpm --addsign base-1.4.4-2_rpms/base-1.4.4-2.noarch.rpm rpm --addsign base-1.4.4-2_rpms/base-1.4.4-2.src.rpm rpm --addsign base-1.4.4-2_rpms/base-contrib-1.4.4-2.noarch.rpm Bye, bye, Juergen |
From: Randal T. R. <ra...@pr...> - 2009-11-18 05:32:20
|
Juergen Leising wrote: > Hello, > > The upload sites that I usually use are suddenly not available, > any more. And I haven't found any proper and serious alternative, > yet (free, no registration, direct link and no obviously illegal > haven). So someone else build the rpm's, please. > > rpmbuild -ba base.spec > rpm --addsign base-1.4.4-2_rpms/base-1.4.4-2.noarch.rpm > rpm --addsign base-1.4.4-2_rpms/base-1.4.4-2.src.rpm > rpm --addsign base-1.4.4-2_rpms/base-contrib-1.4.4-2.noarch.rpm Can these files be added to the SourceForce downloads page? If not, I can setup a place on my site. One question though, and this may seem silly because I don't use RPMs that much. When someone installs BASE via RPM, does the RPM decide where to place the files and which ones <not> to overwrite (ie configuration files)? I've always had trouble understanding why Web apps should be packaged, as opposed to just tar/zip'd up. Maybe I just like a little more control over my systems :-) Thanks, Randy |
From: Joel E. <es...@kn...> - 2004-11-21 14:34:10
|
kevin, I have absolutely no problem with a 1.0 release by the beginning of the week. I think if we release it, it should be on the beginning of the week, that way we have all week to get it out there and public, we can get patrick working on his install paperwork, etc. The biggest thing is that it will allow us to answer user questions all week. (cause I know we are going to get a bunch of them). I saw we get what languages we have, and functioning in there, and get it out, plus we're not going to be able so solve any user problems concerning the languages until it's out there in the field. We all know that no matter how long we test stuff in an envrionment, it will always function differently in the "real world". Concerning the PHP issue. If we have to require that peope are using PHP 4.1.2 or higher, then we do. We need to put it in the read me and release it in the release notes. I know some people will whine and cry their way all the way to php.org to upgrade, but we can't build functionality off of old software. That leaves us struggling to maintain stuff for older version. That's why Microsoft ditched support for 98. </preach> We have a couple actual companies interested in our release. If some of you guys have ever heard of Niksun (www.niksun.org) they are looking to see if they can build the BASE functionality into their NetDetector product. I don't know where that's going to go but we will see. I think we also need to build rule management functionality in there for the next release. There is already a web rule management interface out there, I think if we re-write that and make it better, then build it into our BASE product. (I know that this won't work for sensors that are not on the same box as the Snort Machine, but it is theoretically possible that we could write some kind of ssh functionality in there in order to manage remote sensors.) I have had a couple requests for the rule functionality, but that needs to be (obviously) user role based. Only the admin can change, etc. I am also interested to see what vulnerabilities people find in the user role stuff. Could be interesting. thoughts? joel On Nov 20, 2004, at 15:52, Kevin Johnson wrote: > Hi Everyone, > > I would like to get some opinions here so that we can do what is right. > As of right now, I have planned to get the 1.0 release out by Monday. > There has been some differing opinions. Right now we have quite a few > of the languages done and more coming. We have also added the portscan > patch, finished the user authentication and added the setup program. > Along with a NUMBER of minor changes. What I want to know is if > everyone is comfortable with a release on Sunday night or would you all > rather we wait till the end of the week. The reasons put forward for > the wait mainly revolve around finishing the web site and getting some > bugs fixed. As for me, I am ok with either answer. If we release this > weekend, I am ready to package it and go. If we wait until next week, > I > can finish some clean up and maybe add some features like the role > administration for pages and more of the pdf stuff maybe. This might > also give you all time to finish up some stuff. I would appreciate it > if everyone would give some feedback. > > Thanks > Kevin > |
From: Kevin J. <kjo...@se...> - 2004-11-21 14:53:14
|
On Sun, 2004-11-21 at 09:33, Joel Esler wrote: > kevin, >=20 > I have absolutely no problem with a 1.0 release by the beginning of the=20 > week. I think if we release it, it should be on the beginning of the=20 > week, that way we have all week to get it out there and public, we can=20 > get patrick working on his install paperwork, etc. The biggest thing=20 > is that it will allow us to answer user questions all week. (cause I=20 > know we are going to get a bunch of them). I saw we get what languages=20 > we have, and functioning in there, and get it out, plus we're not going=20 > to be able so solve any user problems concerning the languages until=20 > it's out there in the field. We all know that no matter how long we=20 > test stuff in an envrionment, it will always function differently in=20 > the "real world". >=20 I agree. I have been thinking a lot about this after writing the email and I feel that you have pretty much summed up almost all of my thoughts in this paragraph. The only thing missing is that we can push the release back for ever with new features and bug fixes. I will start packaging the release and will push it out tonight. If everyone would like to start letting people know that it will be out, I will announce it on the mailing lists when I put it onto Sourceforge.=20 I am off all of next week, so I will be available to answer a lot of the user questions. > Concerning the PHP issue. If we have to require that peope are using=20 > PHP 4.1.2 or higher, then we do. We need to put it in the read me and=20 > release it in the release notes. I know some people will whine and cry=20 > their way all the way to php.org to upgrade, but we can't build=20 > functionality off of old software. That leaves us struggling to=20 > maintain stuff for older version. That's why Microsoft ditched support=20 > for 98. </preach> >=20 I have been looking at the release notes for PHP and I think we are going to have to change the required version. > We have a couple actual companies interested in our release. If some=20 > of you guys have ever heard of Niksun (www.niksun.org) they are looking=20 > to see if they can build the BASE functionality into their NetDetector=20 > product. I don't know where that's going to go but we will see. I think this is great. Let me know if I can help with anything or if we are missing anything they want. > I=20 > think we also need to build rule management functionality in there for=20 > the next release. There is already a web rule management interface out=20 > there, I think if we re-write that and make it better, then build it=20 > into our BASE product. (I know that this won't work for sensors that=20 > are not on the same box as the Snort Machine, but it is theoretically=20 > possible that we could write some kind of ssh functionality in there in=20 > order to manage remote sensors.) I have had a couple requests for the=20 > rule functionality, but that needs to be (obviously) user role based. =20 > Only the admin can change, etc. I am also interested to see what=20 > vulnerabilities people find in the user role stuff. >=20 I have been thinking that rule management is a big thing missing. We need to make BASE a self-contained IDS management system. I believe that the ssh functionality is possible. I have some ideas and would like to talk more about this. > Could be interesting. >=20 > thoughts? >=20 > joel Thanks for your input, it has helped a lot! Kevin |