[Dshield] DShield.py 3.0rc2 released!

Geoff Shively gshively at pivx.com
Wed Jul 3 04:31:11 GMT 2002

Right on! That is awesome!

----- Original Message -----
From: "Eelco Lempsink" <eelco at wideview.33lc0.net>
To: <list at dshield.org>
Sent: Tuesday, July 02, 2002 3:39 PM
Subject: [Dshield] DShield.py 3.0rc2 released!

: Ladies and gentlemen... I'm very proud to announce...
: DShield.py 3.0rc2!
: Yep, that's right, DShield's best ipchains/iptables client just got
: better ;) (For the impatient: URLs are at the bottom)
: About two months ago, Andrew R. Jones joined the DShield.py
: development 'team'. In the past he made some great suggestions, and
: now he has written a lot of code for DShield.py.
: He extended the SMTP part of the script, added support for PGP
: (GPG), optimized the parsing (big time), and added support for the
: Snort log format.  (And he didn't even know anything about Python
: two months ago ;)
: On large files, DShield.py is _way_ faster than the framework client
: (Although I didn't really test another log format than iptables, I
: think I can make a fairly educated guess about the overall speed of
: DShield.py ;). On a file with about 20000 entries it was three times
: faster.
: Due to the overhead of Python having to load a big script (chockfull
: o' functionality :) it's a tad slower on small logfiles, but since
: the logfile is small, the real difference isn't big anyway (I'm
: talking about 0.1 seconds)
: Anyway, since I didn't announce 3.0rc1, here are the most important
: changes from the changelog since 2.2 (in somewhat chronological order):
:  - Added support for signing and encrypting submissions with GPG
:  - Added support for SSL/TLS to mail server
:  - Added support for authenticating to mail server
:  - Added use of SIZE SMTP verb
:  - Added a "User-Agent: DShield.py <version>" header to submissions
:  - Fixed TCP flags parsing for iptables entries
:  - Changed the log prefix to ignore for iptables to a config option
:  - Improved log parsing. It's faster now.
:  - Added support for Snort
:  - Added minimal support for locales (breaks Python 1.5 compatibility)
:  - In report(), LF -> CRLF (fixed thanks to Carlo Wood)
: There's one big 'if' about GPG submissions though. There's a (known)
: problem with submitting encrypted logs, that Johannes has failed to
: fix for some time now... If you didn't include your public key on
: sign up, but added it later, it's probably not correctly imported.
: I'm sure Johannes will notify 'us' (all the people on the mailing
: list, that is) when it's fixed. Please let me know if you use
: DShield.py with GPG. (Just interested.)
: Furthermore, 3.0rc2 is a beta version, and therefore needs some
: testing on other systems than the developers'. Don't be afraid to
: submit bug reports, we won't bark (nor bite). You can find our email
: addresses at the SourceForge project page (listed with the URLs
: below).
: Last thing, new developers are always welcome. We would like to
: include support for other formats (such as LaBrea) in the near
: future. Please mail me if you're interested.
: URLs:
: - DShield.py project page:
:     http://sourceforge.net/projects/dshieldpy
: - Download 3.0rc2:
:     http://prdownloads.sourceforge.net/dshieldpy/dshieldpy-3.0rc2.tar.gz
: - Latest stable version (2.4), only for chickens ;)
:     http://prdownloads.sourceforge.net/dshieldpy/dshieldpy-2.4.tar.gz
: - Always the latest stable version:
:     http://prdownloads.sourceforge.net/dshieldpy/dshieldpy.tar.gz
: Eelco
