Navigation

    ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups

    OSSEC - Anyone tried it?

    IT Discussion
    ids open source ossec security
    2
    2
    978
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      WingCreative last edited by scottalanmiller

      Recently I learned about OSSEC, which touts itself as "a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS)."

      Has anyone heard of this or used it before? I know Snort is kind of the de facto open source IDS - it looks like OSSEC's main strengths over Snort are its focus on central management and low resource usage on endpoint systems, which are two things I like the sound of.

      Thought it might be good to check in with you guys before devoting a weekend to getting it up and running :)

      1 Reply Last reply Reply Quote 1
      • travisdh1
        travisdh1 last edited by

        I have it installed. Just dropped the forwarder on the firewall so far. So it alerts me whenever something gets by the first box.... no alerts so far (I'd knock on wood if I could.)

        1 Reply Last reply Reply Quote 2
        • First post
          Last post