Recent blog entries for yoann

Back from Switzerland some days ago, and took some rest.

- A bunch of work fixing experienced bugs with SMP support on Prelude NIDS (one of them was a re-entrancy issue when the same alert was triggered by two packets analyzed by different threads). Should be stable now.

- The default policy is now to store the raw packet data in the Prelude database (the Prelude Manager won't compute a hexadecimal dump for Prelude NIDS alerts anymore). The frontend is the one that must do the work. This has the side effect of reducing the size of a Prelude NIDS alert in database by 4.

Since more and more users ask to know what is being worked on in their preferred software, I thought I would try to keep my Advogato diary updated.

Generic Prelude work

- Merged the new IDMEF API in CVS head.

- Sensors have been ported to the new IDMEF API.

- Implemented a database cache, improving frontend query time by a factor of 6, on my local machine. This is available to any frontend using libpreludedb.

Prelude NIDS:

A lot of work has been done to make the Prelude NIDS gigabit capable and I recently committed these to the CVS tree. Changes include:

- Multithreading support providing the ability to parallelize the packet analysis process on SMP machines.

- Implementation of the e2xb algorithm for speeding up pattern matching
