[Secureideas-base-devel] BASE proposed roadmap
From: Sean M. <sm...@se...> - 2008-05-30 02:09:55
OK this is really loose and sort of turned into a BASE 2.x feature list.

Roadmap

BASE 1.x
- End of Development (EOD): now (except for bugs and feature requests already in the pipeline - if they can be pushed to 2.x the better)
- End of Life (EOL): match to Snort 2.x
- End of Support (EOS): 1 year after EOL

Current Features in the Pipeline for 1.x
- if new features come up, unless one of the developers wants to tackle it we will push it to 2.x

Current Bugs to be fixed in BASE 1.x and support for new bugs up to EOS

BASE 2.x features
- P0F
- IPv6
- AirSnort
- Database Schema update
- Front end refresh
- legacy view that matches functionality and look of BASE 1.x
- database insert mechanism (external information generator..NMAP, etc..)
- SNORT signature control
- support for unified logging direct to BASE or from other engines such as Barnyard

1. Better error reporting, always with __FILE__ and __LINE__, more sanity-checks. Each error message near to any database operation should also contain the SQL-query, at least in debug mode, maybe even in normal mode.

2. No more "die on error" or exit(). It's annoying for any user and hardly debuggable. Real errors may also be printed right at the screen to assist those who do not know that there are log files. Sometimes try {...} catch(Exception $e) {...} is appropriate. adodb also provides adodb-exceptions.inc.php.

3. Although I am not really a fan of what others call "optimization", we should take care about performance issues. Maybe we should try and reduce SQL-queries to a minimum, although I am not sure about this. For the time being I suppose that processing an array in php is faster than querying the database again and again. The section "High Speed ADOdb - tuning tips" in the adodb manual talks about an adodb C extension, which could be installed, but also about GetArray() and foreach-iterators, that could possibly have positive effects on the performance, although this needs to be proved, of course.

4. At least building the initial screen should not take ages, not even if there are millions of alerts. A few quick SQL-count...- queries, if at all, should do it, as well. The first impression of any user is crucial.

5. Well, and a more modern outfit would be great, of course.

Timelines

I would like to see a framework or at least the skeleton of BASE2.x, maybe some screen mockup proposals and docs, by the end of the summer.

Sean Muller
CCNP CCDP GAWN
"Do or do not... there is no try." Yoda
sm...@se...
AIM sam...@us...
MSN sam...@us...
Yahoo SeanMuller_BASE
google talk seangmuller
ICQ 496984041
LiveJournal seangmuller