ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    OSSEC - Anyone tried it?

    IT Discussion
    ossec ids security open source
    2
    2
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      WingCreative
      last edited by scottalanmiller

      Recently I learned about OSSEC, which touts itself as "a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS)."

      Has anyone heard of this or used it before? I know Snort is kind of the de facto open source IDS - it looks like OSSEC's main strengths over Snort are its focus on central management and low resource usage on endpoint systems, which are two things I like the sound of.

      Thought it might be good to check in with you guys before devoting a weekend to getting it up and running 🙂

      1 Reply Last reply Reply Quote 1
      • travisdh1T
        travisdh1
        last edited by

        I have it installed. Just dropped the forwarder on the firewall so far. So it alerts me whenever something gets by the first box.... no alerts so far (I'd knock on wood if I could.)

        1 Reply Last reply Reply Quote 2
        • 1 / 1
        • First post
          Last post