Archive for the ‘NSM’ Category

NSMnow – 1.6.2 … A little crispy!

Saturday, January 30th, 2010

Arguably this release has been cooking for a little longer than necessary. However, like most people I have other jobs that actually pay the bills … Now how many open source projects pull that one out?!

Clearly I’m no exception ;)

Still, as long as the masses keep requesting we’ll keep answering and if we ever get paid to do this the updates will come quicker.

So onto the good stuff: nothing will jump out at you in this release because, quite frankly, there’s nothing of real significance. The big fix is that Ubuntu Karmic installs should now work and CentOS 5.4 should be recognised. The rest of the updates, of which there were about 15 to 20 little fixes, were focussed on internal error checking.

Feedback is always welcomed.

Enjoy!

NSMnow – 1.6.1 … Upgrade Framework, Check!

Tuesday, October 27th, 2009

This release is primarily a bug fix for Fedora, CentOS and RHEL installations that attempted to explicitly define the client package.

Thanks to Rami Labib and his team for picking that one up for us.

We took a few extra days to also test out the initial upgrade framework for NSMnow. Upon installation, the actual NSMnow core script along with the component/package libraries will be installed similarly to the NSM administration scripts. This will provide the ability at later stages (fingers crossed) to perform updates using a command similar to:

# NSMnow -U

We’ll wait for the next release to see just how well that goes ;)

Enjoy!

NSMnow – 1.6.0 … Back to BASH

Sunday, October 18th, 2009

This release marks a major overhaul of the NSMnow code. Yes, major!

The core is no longer written in PERL but rather BASH. The reason for this change was twofold: remove the dependencies and unify the NSMnow core with the NSM administration scripts.

Some benefits of this are that we no longer require the plethora of distribution specific checks just to get a simple install. It should also allow for a smoother transition onto the *BSD distributions.

Due to the recent release of Snort 2.8.5, we’ve decided to leave a few features out and get the 1.6.x branch a little more stable before we implement them. We have done some considerable testing but like most things I’m sure there’s plenty of room for bugs. So if you see them be sure to report them. Consequently we have marked the initial 1.6.0 release as beta.

Enjoy!

NSMnow – 1.5.0

Saturday, September 5th, 2009

The last month has seen some interesting additions to the code base (motivated by Doug Burks) which will ultimately aid our non-Debian brethren. The 1.5 series sees the initial completed feature set for Fedora, RHEL and CentOS systems. This is excellent news for those who have wanted to have, use and test an NSM configuration for themselves but were daunted by the process of doing it from scratch.

With this being the initial release with support for Fedora, RHEL, and CentOS systems, there are bound to be some teething problems. So as long as you submit the bug reports, we will fix them and NSMnow will continue to get even better, if that’s possible.

Happy NSM’ing! :)

NSMnow – 1.4.2 … Link Updates

Saturday, August 8th, 2009

Nothing noteworthy in this installment. The barnyard2 links have been updated to point to the new version 1.6.

We do have a few exciting things planned for the next release thanks to the contributions provided by you guys. So stay tuned for that …

NSMnow 1.4.1 – New links.

Saturday, May 30th, 2009

This release of NSMnow is primarily an update for the links to barnyard2 and Snort (due to its new site structure).

A bug with the automatic process management of multiple sensors has been addressed and patched accordingly, thanks to Jon. B. Bayer for finding that one for us.

Some of the team will be looking at the administration a little closer over the next few months, so if there are any pressing administrative features you believe should be included then be sure to let the dev team know about them.

Until then, grab the latest copy from the NSMnow download page and give it a spin.

NSMnow 1.4 – Sguil User Administration

Saturday, April 18th, 2009

There were too many updates and features added to this to warrant a stability update so we bumped the minor by one. We’re sure you won’t mind.

After a lot of encouragement, this release adds two new functions to the administration scripts including:

  1. nsm_server_user-add
  2. nsm_server_user-del

These functions are designed to simplify user access administration to the NSM server components.

In addition we have updated the links to the new Snort 2.8.4 release as well as the barnyard2-1.4 release. In the event that the Snort 2.8.3.x branch is used on Ubuntu systems, the scripts will now automagically patch the source as appropriate.

Thanks for all the feedback and keep it coming! :)

NSMnow 1.3.5 … You asked for it and now it’s here … CLEAR!

Friday, March 6th, 2009

Although we said there would be no more features added to the 1.3 series an exception had to be made for the overwhelming feedback for a “clear/reset” function. So consider this your wish come true and you should be able to reset your sensors and servers with nsm_sensor_clear and nsm_server_clear respectively.

The barnyard2 link has also been updated to ensure you don’t get bitten by the waldo bug.

NSMnow 1.3.4 … Link updates and some tighter control.

Wednesday, February 4th, 2009

This update contains updated link information to the new version of barnyard2 as well as some tighter control with the process management on the sensor.

Currently “--skip-*” directives allow you to skip one of the sub processes of a sensor. Sometimes the converse is also handy, where you only want to action one or two of the sub processes. The “--only-*” directives have been included to do just that. Now if you only want to restart the snort alerting process on sensor “thor” you can use the following:

$ sudo nsm --sensor --restart --only-snort-alert

Lastly this option has also been integrated into the daily restart script in /etc/cron.d and should prove more stable.

Enjoy!

NSMnow 1.3.3 … To UTC or not to UTC? – Take 2

Monday, January 26th, 2009

This update applies a number of fixes to the NSM administration scripts as well as the core NSMnow installer which ensure sensors log in UTC mode when they are configured to do so. Not all components of a sensor were abiding by the UTC option.

We hope this fix addresses all UTC related problems reported as of late. All the feedback is resulting in a lot more polish being applied, building to a more stable platform and is greatly appreciated.