[Dshield] DShield.py 3.0rc2 released!
gshively at pivx.com
Wed Jul 3 04:31:11 GMT 2002
Right on! That is awesome!
----- Original Message -----
From: "Eelco Lempsink" <eelco at wideview.33lc0.net>
To: <list at dshield.org>
Sent: Tuesday, July 02, 2002 3:39 PM
Subject: [Dshield] DShield.py 3.0rc2 released!
: Ladies and gentlemen... I'm very proud to announce...
: DShield.py 3.0rc2!
: Yep, that's right, DShield's best ipchains/iptables client just got
: better ;) (For the impatient: URLs are at the bottom)
: Since about two months, Andrew R. Jones joined the DShield.py
: development 'team'. In the past he made some great suggestions, and
: now he has written a lot of code for DShield.py.
: He extended the SMTP part of the script, added support for PGP
: (GPG), optimized the parsing (big time), and added support for the
: Snort log format. (And he didn't even know anything about Python
: two months ago ;)
: On large files, DShield.py is _way_ faster than the framework client
: (Although I didn't really test another log format than iptables, I
: think I can make a fairly educated guess about the overall speed of
: DShield.py ;). On a file with about 20000 entries it was three times
: Due to the overhead of Python having to load a big script (chockfull
: o' functionality :) it's a tad slower on small logfiles, but since
: the logfile is small, the real difference isn't big anyway (I'm
: talking about 0.1 seconds)
: Anyway, since I didn't announce 3.0rc1, here are the most important
: from the changelog since 2.2 (in somewhat chronological order):
: - Added support for signing and encrypting submissions with GPG
: - Added support for SSL/TLS to mail server
: - Added support for authenticating to mail server
: - Added use of SIZE SMTP verb
: - Added a "User-Agent: DShield.py <version>" header to submissions
: - Fixed TCP flags parsing for iptables entries
: - Changed the log prefix to ignore for iptables to a config option
: - Improved log parsing. It's faster now.
: - Added support for Snort
: - Added minimal support for locales (breaks Python 1.5 compatibility)
: - In report(), LF -> CRLF (fixed thanks to Carlo Wood)
: There's one big 'if' about GPG submissions though. There's a (known)
: problem with submitting encrypted logs, that Johannes has failed to
: fix for some time now... If you didn't include your public key on
: sign up, but added it later, it's probably not correctly imported.
: I'm sure Johannes will notify 'us' (all the people on the mailing
: list, that is) when it's fixed. Please let me know if you use
: DShield.py with GPG. (Just interested.)
: Furthermore, 3.0rc2 is a beta version, and therefore needs some
: testing on other systems that the developers'. Don't be afraid to
: submit bug reports, we won't bark (nor bite). You can find our email
: addresses at the SourceForge project page (listed with the URL's
: Last thing, new developers are always welcome. We would like to
: include support for other formats (such as LaBrea) in the near
: future. Please mail me if you're interested.
: - DShield.py project page:
: - Download 3.0rc2:
: - Latest stable version (2.4), only for chickens ;)
: - Always the latest stable version:
: Dshield mailing list
: Dshield at dshield.org
: To change your subscription options (or unsubscribe), see:
More information about the list