Darknet - The Darkside » ossec http://www.darknet.org.uk Ethical Hacking, Penetration Testing & Computer Security Fri, 30 Jul 2010 10:38:40 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 OSSEC HIDS – Open Source Host-based Intrusion System http://www.darknet.org.uk/2006/05/ossec-hids-open-source-host-based-intrusion-system/ http://www.darknet.org.uk/2006/05/ossec-hids-open-source-host-based-intrusion-system/#comments Mon, 15 May 2006 03:27:39 +0000 Darknet http://www.darknet.org.uk/2006/05/ossec-hids-open-source-host-based-intrusion-system/

OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response.

It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows.

This is the first version offering native support for Windows (XP/2000/2003). It includes as well a new set of log analysis rules for sendmail, web logs (Apache and IIS), IDSs and Windows authentication events.

The correlation rules for squid, mail logs, firewall events and authentication systems have been improved, now detecting scans, worms and internal attacks.

The active-responses were also refined, with support to IPFW (FreeBSD) added.

The installation process was re-organized, now including simpler configuration options and
translation on 6 different languages (English, Portuguese, German, Turkish, Polish and Italian).

You can download the Unix and Windows versions here.

Read more Here.

The full changelog is here.

Post to Twitter Post to Delicious Post to Digg Post to Facebook Post to StumbleUpon

]]> http://www.darknet.org.uk/2006/05/ossec-hids-open-source-host-based-intrusion-system/feed/ 0