Robert Edmonds | 27 Sep 00:27 2014

nmsg 0.9.1 released

Hi,

nmsg 0.9.1 is now available.  This release fixes a bug introduced in
nmsg 0.9.0 that could crash libnmsg/nmsgtool in certain situations.

Source tarball:

    https://dl.farsightsecurity.com/dist/nmsg/nmsg-0.9.1.tar.gz

Git tag:

    https://github.com/farsightsec/nmsg/tree/tags/v0.9.1

nmsg (0.9.1)

  * Fix a crash that was caused by incorrect initialization of
    ProtobufCBufferSimple objects.

  * Increase the required verbosity level for several noisy debugging log
    messages in the seqsrc tracking code from 5 (nmsgtool -ddddd) to 6
    (nmsgtool -dddddd).

 -- Robert Edmonds <edmonds <at> fsi.io>  Fri, 26 Sep 2014 15:20:49 -0400

--

-- 
Robert Edmonds
Farsight Security, Inc.
Robert Edmonds | 13 Aug 22:57 2014

sie-nmsg 0.17.0 released

Hi,

sie-nmsg 0.17.0 is now available.

Note that this release depends on the latest version of protobuf-c
(1.0.1 or newer).  It is not compatible with earlier versions of
protobuf-c.  See <https://github.com/protobuf-c/protobuf-c/releases/latest>
for the link to the latest release tarball of protobuf-c.

Note that this release depends on the latest version of nmsg
(0.9.0 or newer).  It is not compatible with earlier versions of nmsg.
See <https://dl.farsightsecurity.com/dist/nmsg/> for the latest release
tarball of nmsg.

Debian packages of nmsg 0.9.0 and sie-nmsg 0.17.0 will be available
shortly.

Source tarball:

    https://dl.farsightsecurity.com/dist/sie-nmsg/sie-nmsg-0.17.0.tar.gz

git tag:

    https://github.com/farsightsec/sie-nmsg/tree/tags/v0.17.0

--

-- 
Robert Edmonds
Farsight Security, Inc.
Robert Edmonds | 13 Aug 22:52 2014

nmsg 0.9.0 released

Hi,

nmsg 0.9.0 is now available.

Note that this release depends on the latest version of protobuf-c
(1.0.1 or newer).  It is not compatible with earlier versions of
protobuf-c.  See <https://github.com/protobuf-c/protobuf-c/releases/latest>
for the link to the latest release tarball of protobuf-c.

Note that due changes in protobuf-c, the libnmsg message module plugin
interface has changed.  This requires updating any installed libnmsg
message modules (such as sie-nmsg) to a version compatible with this new
release of nmsg.  Older releases of libnmsg message modules are not
compatible with this nmsg release.

A new version of sie-nmsg (0.17.0) is also being released today which is
compatible with nmsg 0.9.0.

Debian packages of nmsg 0.9.0 and sie-nmsg 0.17.0 will be available
shortly.

Source tarball:

    https://dl.farsightsecurity.com/dist/nmsg/nmsg-0.9.0.tar.gz

git tag:

    https://github.com/farsightsec/nmsg/tree/tags/v0.9.0

nmsg (0.9.0)
(Continue reading)

Ashrith Barthur | 3 Aug 17:30 2014
Picon

Error while running configuring sie-nmsg

Hello, I am trying to install sie-nmsg. I have taken both, nmsg and
sie-nsg from farsight security git hub. nmsg along  with wdns
is at non-standard location. 

For sie-nmsg I tried to configure using 
./configure libwdns_CFLAGS\='-I/tmp/testing/wdns-0.6.0/wdns/'
libwdns_LIBS\='-L/tmp/testing/wdns-0.6.0/wdns/'
libnmsg_CFLAGS\='-I/tmp/testing/nmsg/'
libnmsg_LIBS\='-L/tmp/testing/nmsg/ -lnmsg'

but I get a mismatch error
checking for protoc-c... /usr/bin/protoc-c
checking nmsg msgmod version... configure: error: in
`/tmp/testing/sie-nmsg':
configure: error: nmsg msgmod version mismatch
See `config.log' for more details

The nmsg version that I am using is 0.80 but I still get a mismatch.
Could you please guide me as to what could be done next? Thank you. 

I have also attached my config.log for reference. 
--

-- 
Regards,
Ashrith
Please do not print this E-mail unless you really need to.
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.

(Continue reading)

Matt Sisk | 19 Mar 22:40 2014

Net::WDNS 0.03 released

I've released the first public version of Net::WDNS, a perl binding for 
libwdns.

You can download from the CPAN:

   http://search.cpan.org/~msisk/Net-WDNS-0.03/

The official documentation lives here:

   https://tools.netsa.cert.org/confluence/display/tt/Net-WDNS

Enjoy,
___________________________________
Matt Sisk
Member of the Technical Staff
CERT Software Engineering Institute
Carnegie Mellon University
sisk <at> cert.org
Matt Sisk | 19 Mar 22:40 2014

Net::Nmsg 0.10 released

I've released version 0.10 of Net::Nmsg, a perl binding for libnmsg. It 
addresses the recent shift from 'ISC' to 'base', fixes a couple of 
option and rendering bugs, and has updated examples.

You can download from the CPAN:

   http://search.cpan.org/~msisk/Net-Nmsg-0.10/

The official documentation lives here:

   https://tools.netsa.cert.org/confluence/display/tt/Net-Nmsg

Enjoy,
___________________________________
Matt Sisk
Member of the Technical Staff
CERT Software Engineering Institute
Carnegie Mellon University
sisk <at> cert.org
Robert Edmonds | 18 Mar 19:34 2014

pynmsg 0.3.0 released

Hello,

pynmsg 0.3.0 is now available.  This release includes a fix that aliases
"nmsg.msgtype.isc" to "nmsg.msgtype.base" in order to maintain backwards
compatibility with software that uses the old "ISC" vendor name for
vendor ID 1.

Source tarball:

    https://dl.farsightsecurity.com/dist/pynmsg/pynmsg-0.3.0.tar.gz

git tag:

    https://github.com/farsightsec/pynmsg/tree/tags/v0.3.0

Additionally, the wheezy-farsightsec repository has an updated
python-nmsg (0.3.0-1) package.

--

-- 
Robert Edmonds
Farsight Security, Inc.
Robert Edmonds | 13 Mar 23:01 2014

nmsg 0.8.0 released

Hello,

nmsg 0.8.0 is now available.

Source tarball:

    https://dl.farsightsecurity.com/dist/nmsg/nmsg-0.8.0.tar.gz

git tag:

    https://github.com/farsightsec/nmsg/tree/tags/v0.8.0

nmsg (0.8.0)

  * Update copyright and license statements as a result of the transition from
    Internet Systems Consortium to Farsight Security.

  * The "ISC" NMSG vendor has been renamed to "base". API/ABI backwards
    compatibility with existing source code and binaries which use the old
    vendor name will be maintained. New code should begin referring to the new
    vendor name and existing code should be updated to refer to the new vendor
    name.

  * Replace the "librsf" submodule with the "libmy" subtree.

  * Fix a double free() which occurred when compression was enabled on a
    libnmsg output and an NMSG payload large enough to cause fragmentation
    before being compressed ended up being small enough to fit in an
    unfragmented NMSG container after compression.

(Continue reading)

Kyu Seob Kim | 19 Dec 19:31 2013

pynmsg build problem

I keep getting _nmsg.c:316:18: fatal error: nmsg.h: No such file or directory

Is that because I haven't installed nmsg yet?
_______________________________________________
nmsg-dev mailing list
nmsg-dev <at> lists.farsightsecurity.com
https://lists.farsightsecurity.com/mailman/listinfo/nmsg-dev
Robert Edmonds | 13 Dec 23:56 2013

wdns 0.5 released

wdns 0.5 is now available from:

    https://dl.farsightsecurity.com/dist/wdns/wdns-0.5.tar.gz

and is tagged in git:

    https://github.com/farsightsec/wdns/tree/tags/v0.5

wdns (0.5)

 * Update copyright and license statements as a result of the transition from
   Internet Systems Consortium to Farsight Security.

 * Escape literal backslashes when converting domain names or record data to
   presentation format.

 * Add a spec file for building on RPM systems, based on a spec file
   contributed by John Heidemann.

 * Replace the "librsf" submodule with the "libmy" subtree.

 * Correct the "Name:" field in the libwdns.pc file.

 * Make it possible to build with "make" rather than "gmake" on FreeBSD by
   generating libwdns.pc from the configure script rather than the Makefile.

 * Install the libwdns.pc file into the right directory on FreeBSD systems
   where pkg-config has been modified to read from a "libdata" directory.

 -- Robert Edmonds <edmonds <at> fsi.io>  Fri, 13 Dec 2013 16:06:06 -0500

--

-- 
Robert Edmonds
Farsight Security, Inc.
Ray Ruvinskiy | 13 Dec 22:28 2013

TCP DNS Flows

Hi,

Looking at the dnsqr.c source code, I have come to the conclusion that there is no support for capturing and reassembling TCP DNS flows. Is my impression correct? If it is, is there a technical reason for the lack of support, or is it simply that no one has gotten around to it?

Thanks,

Ray
_______________________________________________
nmsg-dev mailing list
nmsg-dev <at> lists.farsightsecurity.com
https://lists.farsightsecurity.com/mailman/listinfo/nmsg-dev

Gmane