ossec-hids /

Filename Size Date modified Message
active-response
contrib
doc
etc
integrations
src
1.2 KB
adding hgignore so that hg status will correctly show any changes made
954 B
Removing old tags.
509 B
Adding sshd rule for behaviour anomaly. Cleaning up the eventsearch.
3.0 KB
Updating changelog + new rule for segfaults.
2.7 KB
Adding old CVS style tags at the top of the files.
1.2 KB
-Bumping version
16.8 KB
Bumping versions and fixing silent crash.
568 B
Finalizing 2016-04 with more rootcheck detection entries.
35.5 KB
-Cleaning up some messages and compile warnings.

OSSEC

OSSEC is an open source Host-Based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine that integrates log analysis, file integrity monitoring, centralized policy enforcement, rootkit detection, real-time alerting, and active response.

It provides fairly complete coverage if you are looking for endpoint (server) monitoring.

Installation

If you have not used OSSEC before, I recommend reading this guide to get started:

http://dcid.me/texts/my-ossec-setup-manual.html

More details here:

http://dcid.me/ossec