Commits

ddpbsd committed eaa28e1

Hopefully all of the links are fixed

  • Participants
  • Parent commits fb41824

Comments (0)

Files changed (1)

File docs/about/user_cases.rst

 User Testimonials
 =================
 
+
+
 Kurt R. Hinson at Amazon.com (2008 Oct)
 ---------------------------------------
 
   *It's great modularity and easy extensibility makes creating kick-ass crazy dedicated solutions so much easier then it was ever before."*
 
 
-  Full comment at [http://observed.de/?entnum=83 http://observed.de/?entnum=83]
+  Full comment at `http://observed.de/?entnum=83 <http://observed.de/?entnum=83>`_
 
 
 Anonymous comment at blog.gnist.org (2007 Aug)
   *If you try and brute force (more than n attempts in p seconds) or portscan my machine, it simply locks you out for 24 hours by denying that IP.*
   *It has other useful features and even lets me know when it's being attacked - absolutely brilliant program and i have no hesitation in recommending it."**
 
-  Full comment at [http://blog.gnist.org/article.php?story=HollidayCrackingblog.gnist.org blog.gnist.org].
+  Full comment at http://blog.gnist.org/article.php?story=HollidayCrackingblog.gnist.org blog.gnist.org
 
 
 Jeremy Melanson at lists.debian (2007 Aug)
   *Additionally, I have OSSEC agents running on each of my servers (including Windoze), which report back to a central OSSEC Server. The agents are primarily in charge of monitoring important files for changes (nice view during upgrades), and secondarily in charge of scanning for RootKits.*
   *OSSEC can also interface with IPTables and other host-based firewalls, as a means of implementing Real-time greylisting...*
 
-  Full post at [http://lists.debian.org/debian-security/2007/08/msg00114.html http://lists.debian.org/debian-security/2007/08/msg00114.html].
+  Full post at http://lists.debian.org/debian-security/2007/08/msg00114.html
 
 
 Chuck Little at Security Horizon (2007 Jul)
   *Most vendors seem more inclined to add features, and a sparkly/pretty GUI, and less inclined to fix their detection*
   *engine or refine signatures (for signaturebased IDS) to help reduce false positives. Hopefully OSSEC-HIDS will be a trend-setter in that other IDS vendors get back to their roots and use a more common-sense based approach to intrusion detection. <b>Forget the glitz and pretty graphs; just make something that works. OSSEC-HIDS is just that....it works; and has an added bonus of working well.*
 
-  Full article at [http://www.securityhorizon.com/journal/TSJ-2007-03-summer.pdf Security Horizon Summer 07].
+  Full article at `Security Horizon Summer 07 <http://www.securityhorizon.com/journal/TSJ-2007-03-summer.pdf>`_
 
 
 Clayton Dillard at OSSEC-list (2007 Jul)
   *"Also, I wanted to thank the folks involved with developing and maintaining the OSSEC project.  We've had OSSEC in production for only a couple of months and it has already helped us identify several attacks and a few agent/host configuration issues.*
   *Thanks for a great product!"*
 
-  Link [http://www.ossec.net/ossec-list/2007-July/msg00070.html here]
+  Link `here <http://www.ossec.net/ossec-list/2007-July/msg00070.html>`_
 
 
 Mraju at /muraliraju.info (2007 Jul)
   *"I am truly impressed with OSSEC when it comes to HIDS (Host intrusion Detection System) functions...*
   *OSSEC is a project from Daniel B. Cid (contact at ossec.net) who is the primary author of this great tool. I run OSSEC from a single box to cluster of machines ranging in the 100s, primarily running *NIX. Although, I primarily use it for HIDS (agent) setups, recently I am starting to see a benefit in using OSSEC for log analysis. This started with OSSEC reporting alerts from mod_security, which I use heavily as a WAF for Web Applications... "*
 
-  Link to the blog post: [http://muraliraju.info/2007/7/1/hids-with-ossec HIDS with OSSEC]
+  Link to the blog post: `HIDS with OSSEC <http://muraliraju.info/2007/7/1/hids-with-ossec>`_
 
 
 Matt Groves at blog.mattgroves.com (2007 Jun)
   *"..*
   *I have several methods by which I achieve this, and I'm not going to advertise them all. One of the ways that I achieve proactive security monitoring and reactive system changes to cease attempts made by nasties on the internet getting access or extended information about the system, is to use a Host Based Intrusion Detection System (HIDS) and of all the packages that I have experienced, have stuck with, <b>and can highly recommend OSSEC - open source, free, regularly updated, virtually bug-free and a very good ruleset.</b> I'm listed as a donor now, too :-)"*
 
-  Read full post at [http://blog.mattgroves.com/2007/06/ossec_host_based_intrusion_det.html his blog entry]
+  Read full post at `his blog entry <http://blog.mattgroves.com/2007/06/ossec_host_based_intrusion_det.html>`_
 
 
 Christopher J. Buckley - cbuckley at redhat.com (2007 May)
   *"OSSEC is a leading Intrusion Detection System for Enterprise UNIX(-like) and Windows platforms. <b>OSSEC is, by quite a way, the most innovative and customisable IDS product I have worked with.*
   *As a result of it.s ease of customisations, the developer Daniel B. Cid, with a little bit of help from myself, have implemented supported rule-sets for my former employers. products: Zeus WebServer and ZXTM. Both products are widely deployed across many enterprise environments; adding specific rulesets for their software is one which I hope assists all fellow sysadmins tasked with running infrastructure using Zeus software. *
 
-  Read full post at [http://www.cjbuckley.net/blog/2007/05/04/ossec-ruleset-for-zeus-webserver-and-zxtm his blog entry]
+  Read full post at `his blog entry <http://www.cjbuckley.net/blog/2007/05/04/ossec-ruleset-for-zeus-webserver-and-zxtm>`_
 
 
 Cynthia Harvey at eSecurity Planet (2007 May)
 
   *"This host-based intrusion detection system (HIDS) has recently been gaining popularity among enterprise users, in part because of its high scalability. If an attack overcomes your network defenses, Ossec HIDS stops the attack at the host level, and it can be configured to notify the network administrator when an attack occurs. It's compatible with many firewalls and all the major operating systems."*
 
-  Read full post at [http://www.esecurityplanet.com/article.php/11162_3678471_3 at the esecurityplanet article]
+  Read full post at `at the esecurityplanet article <http://www.esecurityplanet.com/article.php/11162_3678471_3>`_
 
 
 Eric Hines at LinuxWorld (2007 Mar)
 -----------------------------------
 
-  *"
-  *I've selected OSSEC HIDS as the No. 1 open source tool due to its recent rapid growth in the enterprise. OSSEC HIDS is a rapidly evolving open source project that offers the first ever open source host intrusion detection and prevention system</b>, developed by Daniel Cid. The OSSEC HIDS project has been gaining widespread use and is quickly being deployed within organizations around the world as a method of protecting systems at the host level after attacks have made it past network defenses.*
+  *"I've selected OSSEC HIDS as the No. 1 open source tool due to its recent rapid growth in the enterprise. OSSEC HIDS is a rapidly evolving open source project that offers the first ever open source host intrusion detection and prevention system</b>, developed by Daniel Cid. The OSSEC HIDS project has been gaining widespread use and is quickly being deployed within organizations around the world as a method of protecting systems at the host level after attacks have made it past network defenses.*
   *..*
   *Combined with open source Snort, OSSEC gives administrators a 360-degree holistic view of both the network and the endpoint systems they are monitoring.*
   *..*
   *The OSSEC rules language is incredibly flexible and powerful allowing administrators to define their own custom rules to alert on any predefined text or patterns. Its detection capabilities do not stop at rules. It includes checks via syscheck for changes to user-specified directories, integrity checks on files and directories, MD5 checksum changes, file or directory sizes, file or directory ownership, and group, file and directory permissions. More importantly, OSSEC monitors the Windows registry, in which most trojans, spyware and backdoors are traditionally injected on Windows hosts.."*
 
 
-  Read full post at [http://www.linuxworld.com/news/2007/031207-top-5-security.html LinuxWorld (ossec #1 security tool in the enterprise)]
+  Read full post at `LinuxWorld (ossec #1 security tool in the enterprise) <http://www.linuxworld.com/news/2007/031207-top-5-security.html>`_
 
 
 David Bianco at Computer World (2007 Feb)
 
   *"We were able to get a lot of out-of-the-box functionality," </i>says David Bianco, cybersecurity analyst for Thomas Jefferson National Accelerator Facility in Newport News, Va. <i>"OSSEC immediately started parsing our firewall logs and alerting on Internet scans and probes. It's also helping track failed logins, system account changes, IDS alerts and a few other things -- all with very little work on our part."*
 
-  Read full post at [http://www.computerworld.com.au/index.php/id;192427681;fp;4194304;fpid;1;pf;1 Computer World]
+  Read full post at `Computer World <http://www.computerworld.com.au/index.php/id;192427681;fp;4194304;fpid;1;pf;1>`_
 
 
 Sifu Kurt at InfoSec Kwoon (2006 Oct)
   *you can even take advantage of the Active Response option and have OSSEC disable accounts, drop in firewall rules, etc., etc. Plus *
   *it does file  integrity monitoring on top of it all..."*
 
-  Read full post at [http://kwoon.blogspot.com/2006/10/ossec-host-based-intrusion-detection.html his blog entry]
+  Read full post at `his blog entry <http://kwoon.blogspot.com/2006/10/ossec-host-based-intrusion-detection.html>`_
 
 
 
 
   *Also, the installation was really fast."*
 
-  Read his message at [http://www.ossec.net/ossec-list/2006-August/msg00317.html this mailling list archive]
+  Read his message at `this mailing list archive <http://www.ossec.net/ossec-list/2006-August/msg00317.html>`_
 
 
 Pilou (2006)
   *fak3r*
 
 
-  Read full post at [http://www.osnews.com/comment.php?news_id=15903 osnews.com].
-  His profile [http://www.osnews.com/user.php?uid=6954 here].
+  Read full post at `osnews.com <http://www.osnews.com/comment.php?news_id=15903>`_
+
+  His profile `here <http://www.osnews.com/user.php?uid=6954>`_.
 
 
 Marty Hillman, IT Director - MCSE, GCIH