OSSEC HIDS(Open Source Host-based Intrusion Detection System & FIM)

When people talk about server security, the first things that typically come to mind are technologies like SELinux or applications like Snort. There are such a wide variety of open source security tools that are available that it is almost impossible to keep up with them all, or even to find out about them all.

One tool that deserves mention is OSSEC, an open source, host-based intrusion detection system. It is cross-platform, so it will work on Windows, Linux, FreeBSD Unix and Mac OS, and it also can employ a client/server architecture that allows you to have one central OSSEC server with a number of monitored OSSEC clients. It provides intrusion detection techniques such as log analysis, rootkit detection, file integrity checking, active response to identified threats, real-time alerting and, for Windows client systems, registry monitoring.

download1

OSSEC may not be the only tool you ever need, but it does consolidate a number of disparate tools into one and, with the client/server model, it allows for consistent monitoring of multiple systems which makes it great for office environments or server farms.

I Still think it’s one of the most flexible and powerful host-tools out there ┬álike !

You can find more information at OSSEC HIDS project documentation, or the reference manual.

 

 

 

 

newsletter-aik

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!