Realeyes Release Descriptions

Real eyes

The download files include:
  • Installation instructions
  • Debian package: This installation method handles all dependencies on a Debian Etch GNU/Linux system. It includes initial configuration scripts.
  • Source packages: These provide the source code, and include installation and configuration scripts. Dependencies must be installed manually.
  • UI Installer: This is an executable file to install the user interface on (non-Vista) Microsoft Windows.
  • Sample rules: These are very simplistic rule definitions meant only for testing the installation.
  • Checksum script: This validates the MD5 checksum of the downloaded files against the checksums calculated by the project.

Version 0.9.5: This release, dated May 24, 2009, includes many improvements to the user interface and a couple of critical sensor IDS fixes:

  • Database management from the user interface, including:
    • Import rules from SQL scripts, as well as executing any other SQL script
    • Clean up incidents closed without a report
    • User status, including forcing user logoff
  • Allow multiple Points of Contact for each Site definition
  • Add HOME network definitions to Sensor host definitions, which can be used in Triggers
  • Display Site information for the sensor that reported an incident
  • Rule validation, including extensive syntax checking as well as context checking for Actions and Events
  • Filter on Event or Trigger name in the Trends tab
  • Split the Reports tab into Reports and Statistics
  • Create multiple reports by copying from an existing report
  • Predefined entries, including a timestamp, in the Incident Report Notes tab
  • Find Triggers and text in the playback window
  • Decode hexadecimal values in the playback window
  • Prevent IDS sensor hangs by handling locks in the signal handlers
  • Add log rotation to IDS sensor and DBD logs

Version 0.9.4: This release, dated Jan. 22, 2009, improves usability over the previous one and includes new features:

  • Sort on Events in Analysis Tab
  • Additional control over closing incidents without a report
  • A new Special Trigger to compare the relative sizes of client and server sessions
  • Improvements in database performance
  • Fixes for applying dynamically updated rules to the IDS
  • Fixes some installation errors. Specifically, if only IPv4 or IPv6 was selected, the IDS would fail.
  • Correct sample rule definitions to match database changes.

Version 0.9.3: This release, dated Sept. 21, 2008, improves stability over the previous one and includes several new features:

  • Display of Unicode in playbacks
  • Support for IPv6
  • Access to all incidents in the Trends tab
  • New reports in the Reports tab
  • Additional Reference information in the online help
  • Improvements in database management, including the ability to display user sessions and shut them down
  • Improvements to the installation scripts

Version 0.9.2: This release, dated May 9, 2008, includes many significantr improvements that have come out of the pilot project. The performance and stability are vastly improved and there are many new features in the user interface:

  • Display of headers in playbacks
  • Ignore incidents status to close an Incident without creating an Incident Report
  • Addition of the Trends tab to display Incident Reports and Ignored Incidents
  • Addition of the Reports tab to output pre-defined reports on Incidents, Incident Reports, and Statistics
  • Reference information in the online help
The installation methods have also been improved, especially the source packages. Changes to the download files include:
  • Windows installer: This installs the user interface on a Microsoft windows system (not including Vista).
  • Debian package: In this installation method, dependencies are handled by the package manager. Improvements have been made to the initial configuration scripts.
  • Source packages: In this installation method, dependencies must be handled manually, but the installation instructions explain them in detail. Each package includes installation and initial configuration scripts.

Version 0.9.1: This release, dated Aug. 31, 2007, corrects a number of problems with the Debian installation and fixes some database permission issues.

Version 0.9.0: In this release, dated July 31, 2007, all of the components are functional, but it is definitely early Beta:

  • Playback session data
  • Online help
  • Statistics collection and utilities to display results
  • Support for encrypted sessions
  • Rule definitions from the user interface Logo