Menu
▾
▴
ipfc-announce — Announce of ipfcontrol
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(2) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(3) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(1) |
Feb
(2) |
Mar
(1) |
Apr
(1) |
May
(1) |
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
|
From: Tycho F. <tyc...@co...> - 2002-09-06 13:18:08
|
Hello We've migrated the IPFC projet from SourceForge to Savannah. http://savannah.gnu.org/projects/ipfc/ Please note that the CVS sources have been (and still) are in a state of flux and therefore are not considered stable. I will keep you informed when the CVS version will again be considered usable (this should be in about a week). ipfc-1.0.4 is available for download from http://www.conostix.com/ipfc or http://savannah.gnu.org/projects/ipfc/. Be aware that the next version of IPFC will be called 1.1 and has *a lot* of changes from the current version though. Starting today, SourceForge is no longer considered the home of the IPFC project. Best regards, Tycho -- Tycho Fruru tyc...@co... "Prediction is extremely difficult. Especially about the future." - Niels Bohr |
|
From: Alexandre D. <al...@co...> - 2002-05-13 11:54:11
|
Dear developer, patcher, contributor,... As you can read IPFC is moving to the jungle... euh, I mean to savannah.gnu.org We invite every developer to create an account on savannah. (So you will have access to the future cvs and so on..) Thanks for your collaboration. adulau PS : You will receive a mail when the project has been fully migrated. -- Alexandre Dulaunoy ad...@co... http://www.conostix.com/ |
|
From: Tycho F. <tyc...@co...> - 2002-04-03 13:18:18
|
Dear all, today, ipfc-1.0.4 was released. ipfc-1.0.4 features the introduction of OO. There are classes for Events, EventGroups and LogUnits, as well as database interaction. All log-parsing is now performed using classes with a standard interface. 2 correlation modules were added : Simple, which tries to correlate everything, and WithContext which is context-dependant. Shortly, there will be a 1.0.5 with cleanups and documentation fixes. As usual, downloads on http://www.conostix.com/ipfc/ -- Tycho Fruru tyc...@co... Users' impressions of different operating systems, expressed as emoticons: Linux: :) Windows: XP |
|
From: Alexandre D. <al...@co...> - 2002-03-07 09:29:00
|
Dear All, We are planning to create multiple drafts documents of the protocol and general framework in use for the IPFC framework. The main purpose is to create an effective and useful documentation that can be used for other protocols and/or other methods of logging, management and authentification. But that can also used to enter the "independent submissions" process of the IETF. The documents will be following (for the basis) : * ipfc-dtd (draft-authors-ipfc-dtd-00.txt) IPFC Document Type Definition is a document that defines the syntax and the semantics of the message used in the framework to communicate with each nodes. All message is specified in XML syntax to describe a concise XML DTD. * ipfc-exchange-protocol-http (draft-authors-ipfc-exchange-protocol-00.txt) IPFC Exchange Protocol using HTTP/TLS is a document that defines a method of exchanging data, in a stateful way, between nodes. * ipfc-secure-logging (draft-authors-secure-logging-00.txt) Depends on : ipfc-dtd and ipfc-secure-logging IPFC Secure logging is a document that defines a method for doing secure logging of nodes in a hostile environment using ipfc-dtd and ipfc-exchange-protocol-http. More documents can be done but these documents are the basis for the complete protocol/framework overview of the basic IPFC. Extensions that can be done are : - The use of another exchange protocol (Blocks Extensible Exchange Protocol (BXXP), SMTP/OpenPGP...) - The extension of the secure logging to other methods. - Reuse in other protocol like (for example) OpenSST. - and lots more... So, we are looking for volunteers that want to have an active participation into the documentation process and the reviewing of the documents. Don't hesitate to contact us via the ipfc-developer-list (ipf...@li...) I hope we can extend the collaborative Free Software process. Thanks a lot. Alex -- Alexandre Dulaunoy ad...@co... http://www.conostix.com/ |
|
From: Vincent J. <vin...@li...> - 2002-02-01 16:40:05
|
Hello Still in analysis phase for AIX &Oracle (I need to find time to write code). Sorry for being late... BUT I've an improvement idea for the AIX errpt wrapper. After this wonderful course 'bout SP/2 & PSSP Problem determination course in Montpellier, I'm able to define the RSCT (HA) logs & event managers used within PSSP (Cluster Management, used on RS6K SP/2 and node-attached servers (S-* and p690). Globaly, logs resides in /var/adm/SPlogs and /var/adm/ha/logs for PSSP & RSCT, and /var/adm/css for SP Switch logs. For some of them, logs are divided in some files, with <> levels of debuging or errors/events/all, for others, the're already handled by daemons (hats, hags) and send to anothers (haem) where the sysadmin can define automatic actions via Event Manager (pman), such as send mail, add errpt entry or take immediate action on system itself (by system partition, by node or by frame, on daemons or everything like files,....). Can take actions on event & on rearm (second case of the event) Very interresting and sometimes even not used by sysadmins on sites, 'cause of less knowledge of its existence. I carry all the information to Belgium make a schema next week. Now, for IPFC implementation, we have two ways: or use the natif daemons & Event Manager to send required data to our wrapper (easy), or write wrapper to catch data from the <> logs, as for "dumb" logs. I guess it's better to use built-in functionnalities of pman (Throu Perspectives/Event Manager or pmandef command) because system can take parallel actions on events (send info to IPFC and correct on system if needed, at the same time). PS: Ther're lots of penguins here in IBM Montpellier, and 1m-height Tux in the entry and labs; some S/390 running Suse Linux 7.2 /390 above VM, a Linux-netfinity cluster, some RS/6000 are also running RedHat 7.0 Linux! I was heard that the new Regatta p690 server (replacing SP/2 in some months, with Mainframe-looking harware excepting PowerPC4 cpus...) will support virtual partitions running native Linux and other AIX 5.2l. From now, just AIX runs on it, but you have two management consoles to control it: a CWS under AIX 5.2l for PSSP 3.4 and...a PC running RedHat Linux to manage all the VPAR (virtual partitions) of the frame (a node can be divided on virtual machines, like a mainframe)... WONDERFULL!! but I cannot make pictures, cameras are banned inside the factory... See you! -- Vincent Jamart UNIX systems engineer phone: +32-495/21.22.58 mail: vin...@be... ------------------------------ "My sister opened a computer store in Hawai. She sells C shells by the seashore." On Fri, 1 Feb 2002 16:51:15 +0100 (CET) Alexandre Dulaunoy <al...@co...> (Alexandre Dulaunoy) wrote: > * Added initial support for security advisory > * Improved frontend > * New logging format > * Added alerter (basic functionality for now) > * Better polling in db-backend, db-wrapnet and alerter > * Misc. fixes > > tagged RELEASE_1_0_3 > > > -- > Alexandre Dulaunoy ad...@co... > http://www.conostix.com/ > > > _______________________________________________ > Ipfc-announce mailing list > Ipf...@li... > https://lists.sourceforge.net/lists/listinfo/ipfc-announce |
|
From: Alexandre D. <al...@co...> - 2002-02-01 15:51:36
|
* Added initial support for security advisory * Improved frontend * New logging format * Added alerter (basic functionality for now) * Better polling in db-backend, db-wrapnet and alerter * Misc. fixes tagged RELEASE_1_0_3 -- Alexandre Dulaunoy ad...@co... http://www.conostix.com/ |
|
From: Alexandre D. <al...@co...> - 2002-01-14 13:57:03
|
A new release of IPFC (1.0.2 cvs tag : RELEASE_1_0_2) is available.
This new release includes :
* Added support for HMAC-SHA1 XML signatures
* Added mon wrapper
* general clean-ups and bugfixes
Now, you can sign with HMAC-SHA1 every message in the framework.
(from events (syslog, apachelog,...) to policy)
http://www.conostix.com/ipfc/
http://sourceforge.net/projects/ipfc/
Don't hesitate to give feedback.
See you soon.
alx
--
Alexandre Dulaunoy ad...@co...
http://www.conostix.com/
|
|
From: Alexandre D. <al...@co...> - 2001-12-27 13:17:03
|
A new release of IPFC (1.0.1 cvs tag : RELEASE_1_0_1) is available. This new release includes : * changed XML format (which is more space efficient now) * added the concept of "transports" * changed db-backend and libipfc to support new format * general clean-ups and robustness improvements url : http://www.conostix.com/ipfc/ http://www.sf.net/projects/ipfc/ Thanks. The official announce : Luxembourg, December 27, 2001 Conostix S.A. today announced the availability of IPFC (Inter Protocol Flexible Control) v1.0.1 IPFC v1.0.1 is a flexible software framework to manage, monitor and control multiple devices in complex networked environments. IPFC addresses the interoperability of heterogeneous corporate security infrastructures for - Comprehensive entreprise infrastructure reporting - Through centralized secure logging and data correlation - Easier security operations - Securely outsourcing part or the global security infrastructure IPFC is platform and product neutral. IPFC can monitor and manage multiple devices such as routers, firewalls, embedded devices, Unix servers, Windows servers, IDS, etc) The framework is scalable and based on a multi-tier architecture. This makes it possible to use IPFC for the whole range of security infrastructures, from the smallest to massively distributed and redundant management infrastructures. The data exchange protocol between the different zones in the IPFC architecture is secure, robust, stable and standard. IPFC can easily be integrated in any existing (or new) infrastructure. IPFC is easy customizable: new devices and data formats can be incorporated in a very short time period. IPFC software was developed by Conostix to fit their needs for MSS (Managed Security Services). The software was built to create the first product-neutral off-the-shelf security management tool. The complete software and protocol are released under the GNU General Public License. This means that the software can easily be customized to specific needs and can be audited by any authority. Conostix provides consulting and services around the IPFC framework. (from custom implementation to MSS services) For more information about IPFC : http://www.conostix.com/ipfc/ About Conostix Conostix is a young computer security company based in Luxembourg. Conostix is a security services and software company providing solutions for complex and distributed networked infrastructures. Conostix provides Managed Security Services and Managed Security Monitoring (MSS-MSM) in Europe. Conostix has taken a fundamentally new approach in their research and developement by using a Free Software (Open Source) methodology. Research and development focuses are : distributed framework for managing networked security devices, trusted operating systems and dedicated security devices. Conostix is located at Technoport Schlassgoart, rue de Luxembourg 66, L4221 Esch-Sur-Alzette (Grand Duchy of Luxembourg) Phone : +35226103061 Fax : +35226103062 Website: http://www.conostix.com/ Press contact : pr...@co... All names and trademarks are the property of their respective owners. -- Alexandre Dulaunoy ad...@co... http://www.conostix.com/ |
|
From: Alexandre D. <al...@co...> - 2001-12-17 20:07:13
|
Conostix S.A. today announced that IPFC (Inter Protocol Flexible Control)
1.0 are now available. IPFC v1.0 is a flexible software framework to
manage, monitor
and control multiple device in complex networked environnement.
IPFC addresses the interoporability of heterogeneous corporate security
infrastructures for
- Comprehensive entreprise infrastructure reporting
- Through centralized secure logging and <b>data correlation</b>
- Easier security operations
- Securely outsourcing part or the global security infrastructure
IPFC is platform and product <b>neutral</b>. IPFC can monitor and manage
multiple devices.
(routers, firewalls, embedded devices, Unix server, Windows server,
IDS,...)
The framework is scalable and divided into a 3 tiers structure. This
permit the monitoring and management from a single-point to a multiple
distributed
redundant management infrastructure. The data exchange protocol between
the different zone is secure, robust, stable and standard.
IPFC can be integrate in existing (or new) infrastructure with low impact
on existing
infrastructure. IPFC is easy <b>customizable<b>: new devices and data
format can
be incorporated in a very short time period.
IPFC software was developed by Conostix to fit their needs in MSS
(Managed Security Services). The software was built to create <b>the first
off-the-shelf security management tools</b>.
The complete software and protocol are released under the GNU General
Public License.
That means the complete software can be customized to specific needs and
can be reviewed (That means the software is fully <b>auditable<b>) by any
authority.
Conostix provides consulting and services around the IPFC framework.
(from custom implementation to MSS services)
For more information about IPFC : http://www.conostix.com/ipfc/
About Conostix
Conostix is a young computer security company based in Luxembourg.
Conostix is a security services and software company providing solutions
for complex and distributed networked infrastructure. Conostix provides
Managed Security Services and Managed Security Monitoring (MSS-MSM) in
Europe. Conostix takes a fundamentally new approach in their research and
developement by using a Free Software (Open Source) methodology.
Research and development focuses are : distributed framework for managing
networked security devices, trusted operating system and dedicated
security devices.
Conostix is located at Technoport Schlassgoart, rue de Luxembourg 66,
L4221 Esch-Sur-Alzette (Grand Duchy of Luxembourg)
Phone : +35226103061 Fax : +35226103062 Website: http://www.conostix.com/
Press contact : pr...@co...
All names and trademarks are the property of their respective owners.
|
|
From: Alexandre D. <al...@co...> - 2001-12-05 15:09:48
|
Dear all, We have moved the CVS directory as follow : /ipfc/docs General Documentation directories /ipfc/docs/db-backend Documentation for db-backend (all that can process files from the dr-server) /ipfc/docs/protocol Documentation for protocol and data format (from communication between zone to xml data format) /ipfc/docs/faq FAQ and HOWTO about IPFC framework /ipfc/docs/diagram Diagram for the IPFC framework /ipfc/src/db-backend Source code for the DB-Backend (including SQL Schema and processing scripts) /ipfc/src/dr-server Additional source code for the DR-Server (DR-Server is based upon Apache, this include a building script) /ipfc/src/frontend Frontend to interact with the db-backend /ipfc/src/lib Source code of library that can be used with wrapper and other application using the IPFC framework. /ipfc/src/wrapper Wrapper source code. (one directory per type) So the old current directory will be removed in a near future. (following the 1.0 release 17 December) We have moved the majority of source code to the new strucuture. But if you have OLD FILES laying around the current directory. you SHOULD move it to the new structure. Don't hesitate to contact me if you got any issue with that. See ya adulau -- Alexandre Dulaunoy ad...@co... http://www.conostix.com/ |
|
From: Alexandre D. <al...@th...> - 2001-06-16 11:18:11
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dear All,
The new cvs tree is available at
:ext:dev...@cv...:/cvsroot/ipfc
The new tree is working as described here :
- --> current contains the current work.
-> docs
The docs directory contains documentation and related information.
(the highly recommended format is LyX in article mode or LinuxDoc)
-> source
Source directory contains all component for the ipfc framework.
-> dr-server
Data Repository Server (it's an extended apache-1.3.20 with some modu
les). Some patches will be applied to mod_put.c
-> wrapper
The wrapper contains all client wrapper contacting the Data
Repository Server. (like for Snort, IP Filter or Monitoring wrapper)
-> lib
Contains lib used by dr-server and wrapper. (perl and c)
-> db-backend
Contains structure of a generic SQL database for getting information
from the dr-server. (logs analysis, logs correlation, ...)
-> utils
Contains some useful utils for the ipfc framework and contributed
utils.
Hope this helps everybody to contribute to this project.
If you have any question,comments don't hesitate to contact me.
Thanks a lot.
Alexandre Dulaunoy
Alexandre Dulaunoy
http://www.foo.be/
AD993-RIPE
"It is ridiculous claiming that video games influence
children. For instance, if Pac-man affected kids born
in the eighties, we should by now have a bunch of
teenagers who run around in darkened rooms and eat
pills while listening to monotonous electronic music."
Anonymous...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: Where is my key ? http://www.foo.be/key.txt
iD8DBQE7K0AtaY1aKQ+qq/4RAj0AAKC7zMRVxkhe1xgHo17mh3eJtJRc+wCfdY/c
galr7AzwN/Px/Gr32SnvHwg=
=oA5y
-----END PGP SIGNATURE-----
|
|
From: Alexandre D. <al...@th...> - 2001-06-10 16:55:32
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear All, After multiple comment and mail thread regarding ipfc, we have changed the design to do more generic framework for managing security module. We will make major document in the next few days to explain the functionnal part of the framework and the new design consideration and some code example. I will send an email when the document will be available. The make a simple introduction the framework will work as follow : * A central repository server will act all request from security module and other client (like gui, network monitor, logging to sql,...). * The central repository is a standard apache http server with some extended module to handle write. (like MOD_PUT and so on...) * The architecture will be more flexible and fault-tolerant (simple FS on the repository server). The central repository can be in VRRP for example and with a simple rsync architecture for the synchronisation. * The access-control of the management can be distributed across the security module. Because management client (like pushing security policy) is control on the repository server and not on each security module. * The managing of security module will be done by using simple daemon wrapper. * A standard lib for perl will be created to handle the wrapper part to create new client easily. (for checkpoint fw-1, cisco, and other general security configuration...) I would like to thanks : Tycho Fruru, Philippe Caesmart, Volker Tanger, Lennert Buytenhek and multiple ip filter users for the comment. If you have any question or feedback... Thanks Alexandre Dulaunoy Alexandre Dulaunoy http://www.foo.be/ AD993-RIPE "It is ridiculous claiming that video games influence children. For instance, if Pac-man affected kids born in the eighties, we should by now have a bunch of teenagers who run around in darkened rooms and eat pills while listening to monotonous electronic music." Anonymous... -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: Where is my key ? http://www.foo.be/key.txt iD8DBQE7I6adaY1aKQ+qq/4RAjSmAJ4qVfFZE8PzaYJToFiEAS8OSX4cowCeN/jg b+FVVuPg1HZ2IMllsaU8VY0= =WQeP -----END PGP SIGNATURE----- |
