1. Daniel Cid
  2. ossec-hids

OSSEC

OSSEC is an open source Host-Based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine that integrates log analysis, file integrity monitoring, centralized policy enforcement, rootkit detection, real-time alerting, and active response.

It provides fairly complete coverage if you are looking for endpoint (server) monitoring.

Installation

If you have not used OSSEC before, I recommend reading this guide to get started:

http://dcid.me/texts/my-ossec-setup-manual.html

More details here:

http://dcid.me/ossec