ossec-hids-mysql-1:3.0.1-5637.el7.art$>d :)/ǪB>6E?Ed( , Rlp     $ ,  (k(89:"GDHDIDXDYD\D]D^DbEdEeEfElEECossec-hids-mysql3.0.15637.el7.artThe OSSEC HIDS Server mysql connectorMysql connector for OSSEC[9b9efaf6717943c69bacf5cd4f5e69c0:Uphttp://www.ossec.netAGPLAtomicorp System Environment/Daemonshttp://www.ossec.net/linuxx86_64 :Ih[i[q98330228439b3d1316b71d19bf1dab3053d5b7ebe318743ad6c35448fc10cdede342e18138de9f22bc43c7b556b6b4fdee99e99a9c36e2a956876e062f3df562rootrootrootrootossec-hids-3.0.1-5637.el7.art.src.rpmossec-hids-mysqlossec-hids-mysql(x86-64)   @@@@@@@@@@@@@@@@@@@@@@ ossec-hids-serverrpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(CompressedFileNames)libcrypto.so.10()(64bit)libcrypto.so.10(libcrypto.so.10)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.15)(64bit)libc.so.6(GLIBC_2.17)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libdl.so.2()(64bit)libdl.so.2(GLIBC_2.2.5)(64bit)libGeoIP.so.1()(64bit)libm.so.6()(64bit)libm.so.6(GLIBC_2.2.5)(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)libpthread.so.0(GLIBC_2.3.2)(64bit)libssl.so.10()(64bit)libssl.so.10(libssl.so.10)(64bit)libz.so.1()(64bit)rpmlib(PayloadIsXz)1:3.0.1-5637.el7.art4.6.0-14.0-13.0.4-15.2-1ossec-hids-postgres4.11.3XXYX@TT @SSS[S@R@R@RʚR@R@RrF@Ri RR@Q@QY@Q@@QQ@Q@Qu&@Qu&@QkQg@Q\PDPP@PP@OiO@OЗOЗO O OpZ@NNS@NK@N;@N;@N6@N-ZNMMM@M@M@M?MM>MUM@M PL~L8LΫLΫLʷ@LeL@L{LL@LA@LLLzL~@@L|LvW@LmLa?@LRL4l@LT@KtK͗@KKK@K[K@K8@K@K@K@J@JJJ@JJJn@JL@JI@J2C@J2C@J/@J&eI@Io@I)@I4IܑIII@I@I&@III~@H@H|@HcHM@H2@H)GJ@GAzGV@G m@Fޚ@F@F@FF@Fr@Fq-FIF-@EWEEySEIE E DDY@D@DLSupport - 2.9.0-50Support - 2.9.0-49Support - 2.9.0-48Support - 2.8.1-47Support - 2.8.0-46Support - 2.8.0-45.1Support - 2.8.0-45Support - 2.7.1-44Support - 2.7.1-43Support - 2.7.1-42Support - 2.7.1-41Support - 2.7.1-40Support - 2.7.1-36Support - 2.7.1-35Support - 2.7-34Support - 2.7-33Support - 2.7-32Support - 2.7-31Support - 2.7-30Support - 2.7-29Support - 2.7-28Support - 2.7-27Support - 2.7-26Support - 2.7-25Support - 2.7-24Support - 2.7-23Support - 2.7-22Support - 2.7-21Support - 2.7-20Support - 2.7-19Support - 2.7-17Support - 2.6-16Support - 2.6-15Support - 2.6-14Support - 2.6-13Support - 2.6-12Support - 2.6-11Support - 2.6-10Support - 2.6-9Support - 2.6-8Support - 2.6-7Support - 2.6-6Support - 2.6-5Support - 2.6-4Support - 2.6-3Support - 2.6-2Support - 2.6-1Support - 2.6.0-0.10Support - 2.6.0-0.9Support - 2.6.0-0.8Support - 2.6.0-0.7Support - 2.6.0-0.6Support - 2.6.0-0.5Support - 2.6.0-0.4Support - 2.6.0-0.3Support - 2.6.0-0.1Support - 2.5.1-10Support - 2.5.1-9Support - 2.5.1-8Support - 2.5.1-7Support - 2.5.1-6Support - 2.5.1-5Support - 2.5.1-4Support - 2.5.1-3Support - 2.5.1-2Support - 2.5.1-1Support - 2.5-1Support - 2.5-0.9Support - 2.5-0.8Support - 2.5-0.7Support - 2.5-0.6Support - 2.5-0.1Support - 2.4.1-11.2Support - 2.4.1-11.1Support - 2.4.1-10Support - 2.4.1-9Support - 2.4.1-8Support - 2.4.1-7Support - 2.4.1-6Support - 2.4.1-5Support - 2.4.1-4Scott R. Shinn - 2.4.1-1Scott R. Shinn - 2.4-5Scott R. Shinn - 2.4-4Scott R. Shinn - 2.4-1Scott R. Shinn - 2.4-0.2Scott R. Shinn - 2.4-0.1Scott R. Shinn - 2.3-8Scott R. Shinn - 2.3-7Scott R. Shinn - 2.3-6Scott R. Shinn - 2.3-1Scott R. Shinn - 2.2-5Scott R. Shinn - 2.2-4Scott R. Shinn - 2.2-3Scott R. Shinn - 2.2.0.beta2.1Scott R. Shinn - 2.2.0.beta1.1Scott R. Shinn - 2.1.1-5Scott R. Shinn - 2.1.1-3Scott R. Shinn - 2.1.1-1Scott R. Shinn - 2.1-3Scott R. Shinn - 2.1-1Scott R. Shinn - 2.0-11Scott R. Shinn - 2.0-10Scott R. Shinn - 2.0-9Scott R. Shinn - 2.0-8Scott R. Shinn - 2.0-7Scott R. Shinn - 2.0-6Scott R. Shinn - 2.0-5Scott R. Shinn - 2.0-4Scott R. Shinn - 2.0-2Scott R. Shinn - 2.0-1Scott R. Shinn - 2.0.0-0.090225.1Scott R. Shinn - 2.0.0-0.090220.1Scott R. Shinn - 2.0.0-0.090206.1Scott R. Shinn - 2.0.0-0.090205.1Scott R. Shinn - 1.99-2Scott R. Shinn - 1.99-1Scott R. Shinn - 1.6.1-1Scott R. Shinn - 1.6-1Scott R. Shinn - 1.5.1-1Scott R. Shinn - 1.5-3Scott R. Shinn - 1.5-2Scott R. Shinn - 1.5-1Scott R. Shinn - 1.4-2Scott R. Shinn - 1.4-1Scott R. Shinn - 1.3-4Scott R. Shinn - 1.3-3Scott R. Shinn - 1.3-2Scott R. Shinn - 1.3-1Scott R. Shinn - 1.2-8Scott R. Shinn - 1.2-7Scott R. Shinn - 1.2-5Scott R. Shinn - 1.2-4Scott R. Shinn - 1.2-3Scott R. Shinn - 1.2-1Scott R. Shinn - 1.1-1Scott R. Shinn - 1.0-2Scott R. Shinn - 1.0Scott R. Shinn peter.pramberger@member.fsf.orgpeter.pramberger@member.fsf.orgpeter.pramberger@member.fsf.orgpeter.pramberger@member.fsf.orgpeter.pramberger@member.fsf.orgpeter.pramberger@member.fsf.orgpeter.pramberger@member.fsf.org- Change labels in alert mail headers to "ASL"- Update to Ossec 2.9.0 Final- Update to Ossec 2.9.0- Update to 2.8.1. This is identical to 2.8.0-46, the only change is the hosts.deny CVE-2014-5284 is merged in.- Revert BR#1596 - Add Bugfix for hosts.deny race condition (CVE-2014-5284)- BR #1596, Add fork limiting patch (max 10) for execd to prevent DoS conditions- Upgrade to 2.8.0- Feature Request #1512, speed up shuns in execd, move sqlite down- Relink against native mysql- Add ar-tracking active response- Placeholder for null exclusion rules. Legacy support- ASL 4 version with new database format- Add support for Fedora 20 - Modify optimization flags for FORTIFY- Update to 2.7.1 - Add independent rules.d/decoders.d ossec-rules package- FR#772, add rule 3360 for postfix slow brute force - add dovecot-decoder.patch for cpanel dovecot - Update 9702, 9753 for dovecot brute force - FR#773, add rule 11308 for pure-ftp slow brute force - FR#1347, Update for courier v4 decoder (pop3s) - FR#1359, Update horde decoder for v5- Disable ossec-dbd signature table (replaced by aslw_rules). This was very slow- Break ossec-dbd into separate package - FR#1321, update courier-imap decoder for version 4.0- Bugfix #XXX, prevent truncating last character on ossec-dbd database inserts on the alerts/data table- Add tld column to alert table w/ index- Deprecate internal id generation in dbd - update schema to autoincrement, increase id space to int- Add is_hidden to mysql schema- Add if exists to mysql schema- Add os_dbd-mysql-replace-query.patch to consolidate SELECT/UPDATE into REPLACE sql- Consolidate alert & data into a common table - Add ossec-authd init script- Add sqldelete command to execd - Update to clear sqlite db at startup- More minor updates to GeoIP tracking- Minor update to GeoIP tracking- Bugfix on permissions for files in shared/ directory for client installs - Add GeoIP support - Remove dependency on perl-DBD-SQLite - Update asl-shun to new non-perl based version. - Deprecate firewall-drop-update.patch - Add sqlite support to execd (/var/ossec/var/execd.sqlite)- Update to 2.7 final- Feature Request #XXX, revert duplicate detection in log events to help detect extremely fast brute force attacks - Add FORTIFY_SOURCE, PIE, and relro (full)- Update to 2.7-rc2- Update to 2.7-rc1- Move active response components under the common package- bugfix #xxx, correct ownership permissions on fts dir- Update to init script to suppress spurious execd output - Add alerts queue to server package with ossec/ossec permissions- Bugfix #XXX, correct any/agentd condition- Moved agentless packages under server- Drop timeid and cat_id indexes from schema- Add new index, timeid to alerts table.- Add cmoraes patch, Adds config options for enabling/disabling rootkit/syscheck options, and agent config profiles - Add ossec-memleaks patch - Add agentless directories, and agent.conf - Bugfix #XXX, ossec-hids.init will now return an exit code on status- Add prelink_cmd support- Bugfix #XXX, display multi-line events in data table correcty- Update to asl-shun.pl purge event to default to 24 hours.- Update to asl-shun.pl to change ordering of block rules - Revert from 0805 snapshot- Update to 0805 snapshot- Update to 0801 snapshot - Update asl-shun.pl to log to active-responses.log, blocks now go to the named chain ASL-ACTIVE-RESPONSE, and delete events are more redundant.- Update to OSSEC 2.6 Final- Update to snapshot 110711- Update to snapshot 110613- Update to snapshot 110609- Update to snapshot 110606 - Moved ossecr user creation event to the ossec-hids core package- Update to snapshot 110531- Update to snapshot 110526- Update to snapshot 110504- Bugfix #536, Increase the default sleep time for syscheck- Renamed to 2.6 branch- Add support for the rules/decoders dir system- Update to snapsot 110405 - Update asl-shun to support ossec alert ids- Changed asl-shun sqlite database to /var/ossec/var/blocklist3.sqlite - asl-shun database format now stores the full alertid- Update to snapshot 101203- Update to snapshot 101125- Added alertid support to os_dbd, this involves a schema update- Added dst ip, src prt, and dst prt capture support to os_dbd- Bugfix #XXX, manage_agents was built in client mode for the server package.- Add clamav decoder & ruleset- Update to 2.5.1 final- Update to 2.5 final- Update to 0928 snapshot- Extended no_ar into ossec-dbd- Add no_ar option to disable active response per rule- Update to snapshot 100920- Update snapshot to 100907- Snapshot 100901- Added test fix for os_dbd- Bugfix #376, ossec-control will now properly stop and reload- Update to 0809 snapshot- Relink against native mysql- Add minicon decoder from les fenison- Update to 100707 snapshot - Feature Request #371, add ossec.log to logrotate- Updated to 100615 snapshot- Updated init and ossec-server scripts to support the new reload feature.- Update to 2.4.1- Added zabbix reporting active response- Update to 2.4 final - Lowered courier rule 3910 (failures) from 6 over 240 to 10 over 10 - Lowered courier rule 3911 (success) from 10 over 60 to 30 over 20- Rebuilt for atomic repo- Update to CVS 100317- Update to CVS 100311 - Add decoder for denyhosts - Update asl_rules.xml to include denyhosts rules- Update to CVS 100309- Added new decoder for smtp_auth - Added rules to detect smtp_auth brute force attempts - Added rules to detect imap/pop brute force attempts- Updated ossec-server.conf to be in parity with the ASL config - Added templates dir for generating configs- Update to 2.3 release- Update to snapshot 091109- Update to snapshot 091008- Update to snapshot 090925 - Added timestamp field to the mysql schema - Bugfix #XXX, for the ossec-client.init script to call the correct (renamed) ossec syscheckd/logcollector daemons - Appologies for not updating the previous changelogs. Missed a few updates!- Update to snapshot 090827 - Feature Request #225, Added logrotate event to active-response log - Updated system_audit_rcl.txt to look for the correct php.ini file- Update to 090824, beta 1 release- Update to 090812 snapshot- Rebuild agent daemons with -DCLIENT, added symlink trickery- update to 2.1.1- update to 090630 snapshot, this has fixes for CentOS/RHEL 4 64-bit environments- update to 2.1 final- update to snapshot 090612- update to snapshot 090610- update to snapshot 090603- Disable postgresql support, to get around an undesirable dependency on EL4- Update to snapshot 090417- Update to snapshot 090413 (this adds in inotify support)- Update to snapshot 090410 (this adds in inotify support)- Update to snapshot 090408- Added authpsa rules back in, this is used to detect brute force attacks - Added conditional building support for ASL modifications- Update to 2.0 official release- update to snapshot 090225- update to snapshot 090220- update to snapshot 090206- update to snapshot 090205- update to CVS code 090129, this is not an offical release. Its for testing only- update to CVS code 090126, this is not an offical release. Its for testing only- update to 1.6.1- update to 1.6- update to 1.5.1- added mysql support- Added Stanislaw Polak's excellent ban-hackers script to manage shunning more intelligently.- update to 1.5- fix on active-response locking bug that prevented some rules from expiring.- update to ossec 1.4- update snapshot to ossec-hids-071011.tar.gz - relinked C4, FC4, FC5 against mysql4- update to snapshot ossec-hids-071006.tar.gz- update to shun blocklist tracking used by ASL - added authpsa rules + decoder- update to 1.3- minor adjustment in post, to check for config file before overwriting it- v6 was first version of the patch. - added in logging in active-response for better ASL support - Disabled conf event in post, to keep from overwriting config files.- changed permissions on queue/syscheck so it can be read by the ossec group (tweak for web gui)- removed the noreplace settings from decoder and the rules - patch for a more ASL friendly client config- release -2 had a bug. - added ASL rules (asl_rules.xml) - added decoder for the asl style modsecurity logging - adjusted syslog_rules for qmail-scanner issue (BUG #ASL-18) - Added http index in asl_rules.xml (BUG #ASL-7)- update to 1.2- update to 1.1- configuration change for ASL- updated to 1.0- import into ART - changed their naming conventions a bit, 0.9-3 to 0.9.3. Please dont be cross with me.- new version (0.9-3)- new version (0.9-2)- new version (0.9-1a)- new version (0.9-1)- new version (0.9)- some bugfixes- created1:3.0.1-5637.el7.art1:3.0.1-5637.el7.artmysql.schemaossec-dbd/usr/share/ossec/contrib//var/ossec/bin/-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=genericdrpmxz2x86_64-redhat-linux-gnu?7zXZ !#,m]"k%l{lsi^)ۦs:q x]j<&DtH9E 9|ag~?Jzk=֎yOW/Qf*8R#9Mso>R C$m&eVӸܙ$[9I϶ٛWek\E(Iȵ] A5D?gpZ\ׯIL1zmH"1F) N*X(AW ®,K nɆ2gJ` |;bwLfKzԷXu]CjG̘VTsuz?04! m]aUQG{wqm0oe{SyWQYkb2{՗1e%6Ah:N]tulMHmh"Lc$%O&}]/:">_JZ^6i5V6~I@̸H~W LMC͏_Wq4pM.zx-PP V2S;# cFR4rzkkfU|a7z˿zx,h;@M$*ϸ{[㩄J@៙ _9>I8."ZQI])%ul$]QI҃:xH^knR+$h=͒ N!#""{ߏFh:(D]acKdFGihېI<=?{v~%hJΒ |D]Q;1{n@N+- X^gd.*/GUˌz_QŊ]';$X^hrдoIl+iIFݒ' 0Ww :\aYk@3/Ǥ33V)*{%Bzn@?$kB!n/cjMrTG;hp*hHh*#FɘQ| N )<;]i| ÉKR\Һ(/ Ә&%'P27V+q3 eϓwqO;ϸDŽj `IN13|@#121~wfΔ_dA+Ւ1'^q٤55p[",R(|߆ɝZbn#!5uXmMn=,@f[ 8@aLMuU#Ƹ[~S2mD|mccGB^tY '^zC doN0ӱ^ ã%)7ԅ+Z(:Oj|&0R ``*F{vA^.UNP&X4g0Gg6XRm(V,MJBf~ޅ=-7d{S˭BF:k]ǷM-ձ Gne-+>I=* b%I3ЈRe,2aoe]`AP!:27!vv/ Qv'kkf*dE&q)D&@Zh TţT+Zjà%Und>3Z/%-MޒS Q#pvA)eH^ nb͛ւYdPm{-.;G-.~2؉[ _OC,pZGԟ42/fK\sـ8Z?'$εlZ/1Rd~гجz#e ($Wd]jMƍ%srEZ[X-;(Bon(_[UZ.tzM4'%Vu7+jE gRP0Qb#2аN/9ba!hɡU8ZAI_ y=YXoz2S(0[8) υRWL_,8x`JNe1Mۛfw_:/ˮ_hb\iW?I#{KR%a] &RhC!?%S`p'Ý+ߧ; =9˿'aAG %#Tc ڿItf gJfy {/dxD@ d>9e=Ck 邙ђ&NFvBds` фn|CIۚ/ JR63!IȞzZ_ˮ3:9ЄGكi]$hZk6%3մ~h@JaBae}w褛yu wwCՇsȠuLS^y40sA(4) Ig{UjYѯiwc͏Yv -a 2"=9خ?;(nUG614W"{[Tb"8~QѠ sI2U{ѻjEf涽gCP:bg vVyFA@WKS 9uk;`|Vbn؃^NXZM^y+n Kt.} Dpo~Auu p$+Z qLwq .!{FoId3TcHAg\ *טYqtXAޤ % NH%T C Vc@Dk?`: =ߗ_jΰevq]w`Ssj{pIшFtz6 Qw73`ި0VH9h+ lju#d>PI;<ӗ8 n=TPaK-%aK ʚ+?]㉳PjuIQFȽ,TG_w:fGab]`O9 SZ=41r&1czMJ)S2p?q="o;ռүe)54[BK5pQ +^z>e4]Sy" 2%%q>w}V1X;ɕ .(캺x/qok wo"YzyFe`E;w'q1 ًt1 rN8dz HgCL$tt:fh~k+pHDPG /]eE\4/bG^3JyIփ,S1Ӛΰ$rơ4{QZjcNH s`V|ř#0d7nV)ԉ C?w=LM( 7jUɛ8, 4\Y]\D&6V;$i}~-r1 n ɚ]Xz,g&Q߭Bch~#?E#qwJh/9beմҌb<W 5;Y}?,Ӏ: ;(s9@2WPF;dHf9ҧs1o(MFz8; /Ye!'(q { QӀ?|(<4ATACsoPj\ g(붢[In߰T;{x;NG޹ypL7sl7!#w mkhC\1+9I;De[X([OoV%U/gJi#PXJ so 2@ ~TSAĭ`A;b7֒oS)3pYW:H%`:MA?rFmk+Ȇ|@D~LeFu&f(*!i'뀢ԗH*MNDpS,` }u']:Tn(l {dork䦑ɲXy)Ɣ7RǝWų(j͜o2?3 +2C%cJ bAtBMM^ܚU={΅ϧ6g5 b15֐5[ ubկU+8gN 6U;c %:Kݿ; kA*Hܛ/{'k1x0 z8P a 5 /ܚk`KX1w(-Εru-P( 2K"C:uƱ;75UןvBWwNkuΡp$|#qp 43;*^=x :WC0F?mbbٜH";:YE-8A>aAԢEm I<KuhJ&a+/{}AKGdmaVK ۅ6 B~(B.IBS@B%W¤>0 n||6"9$XFPOa>YAH3ii Ϣl-ʀ((B +d~t$:mf=ARdݮ &CHz\oNVTLb$~N<6E{\(5һV 1ZB&D S.X?GƐgT%C,bQ6!Vԩr[>sE,4zݶF# |ddl?<+%7o`bhϩo3=gI|V1^Fa}1,Kh|Mnt:Ȇ/T4b5[yr=y=DP7~N׹nl:lmڸ\rD067SmI; x ,bkÛ7}׊|qB_pg玦bcQ{QG#!zsS.fX%l=љ񿋷=c͌TJUY_Ya]!M|+Y1rV-'(,56iJ9æhDG-9 9rϦPUq`M7?П5-h_-o1KmkǖJr wZAQ&8C{m,}d*[Ңl*94Ϯ"dWh8G9rMƸ T=Ģ[Q\25(Zu4F,j7iUV1SBZopᲝ@N7"PB5 dt}UK{XGClAZW\So0fSPptQ=cfĦ XZ.1BYtڹ5 z:06{Ada.]a!\`sYseD.rAQ\FKCGԯmƫʚ;cubz{g7v:+ZYyi6Zp|?> Z|>^,|w! škċUʼcUzNL"6@ !N*pL x]p΁ED.G0Ẹ<.h'/|) ! 1y$bW3YH"zhnR5K2Px,r}Fybt xRbXθF잹q9}b_26?X2"VoZZ"I8~Em- J8k#K@k"9Vt( bD `I(J.qq ͕+߳ʓC=}kM_V-"*-ju/3+R[<_ ?ĥK~CkQ *0'ڬ#,&pqO;e֨Q]|]NQ:_Y+@,r%zSȇm<`m}cNƓFaQʅef=ia|p(68Jy˄b6?ng(;쫕6:7f YZ