OSSEC 2.2 Released
A new version of OSSEC was released today. There is support for more logs and several bugs were fixed. Perhaps one of the most interesting changes is support for WordPress logging. WordPress, despite being one of the most popular blogging applications in the world, does not have logging by default! Can you believe that? Someone can be pounding away at your admin credentials all day and you might be none the wiser.
Daniel Cid saw this as a problem and took an old, unmaintained logging extension, fixed bugs (including some security bugs), and extended the logging functionality. Then he added support into OSSEC, of course. If you have a WordPress blog, it’s a worthwhile upgrade.
I also contributed some stuff. RoundCube support has been added, although amazingly, again, the logging sucks. By default it will log successful authentication but not failed. Huh? There’s a patch to make it do both. OSSEC can monitor those, which I’ ll post about a bit later. I also contributed Dovecot support, but that may not have made it into this one. If you need to analyze Dovecot logs, just get it from the OSSEC users mailing list.
All in all, this seems like a good release.