OSSEC HIDS – Open Source Host-based Intrusion System
OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response.
It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows.
This is the first version offering native support for Windows (XP/2000/2003). It includes as well a new set of log analysis rules for sendmail, web logs (Apache and IIS), IDSs and Windows authentication events.
The correlation rules for squid, mail logs, firewall events and authentication systems have been improved, now detecting scans, worms and internal attacks.
The active-responses were also refined, with support to IPFW (FreeBSD) added.
The installation process was re-organized, now including simpler configuration options and
translation on 6 different languages (English, Portuguese, German, Turkish, Polish and Italian).
Tweet
Recent in Countermeasures:
- No BEAST Fix From Microsoft In December Patch Tuesday – But They Fixed Duqu Bug
- sslyze – Fast and Full-Featured SSL Configuration Scanner
- Twitter Purchases WhisperCore – Full Disk Encryption For Android Phones
Related Posts:
- Samhain v.2.5.9c – Open Source Host-Based Intrusion Detection System (HIDS)
- Suricata – Open Source Next Generation Intrusion Detection and Prevention Engine
- Impressive Open Source Intrusion Prevention – HLBR
Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 115,582 views
- Password Hasher Firefox Extension - 110,120 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 55,167 views


Posted in:



Recent Comments