Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: OSSEC HIDS 2.0 (Default branch)
Special Forums News, Links, Events and Announcements Software Releases - RSS News OSSEC HIDS 2.0 (Default branch) Post 302293742 by Linux Bot on Tuesday 3rd of March 2009 05:50:05 PM
Old 03-03-2009
OSSEC HIDS 2.0 (Default branch)
OSSEC HIDS is a host-based intrusion detection system. It performs log analysis, integrity checking, rootkit detection, time-based alerting, and active response. License: GNU General Public License v3 Changes:
This version comes with numerous new features, including support for compiled (C-based) rules, new reporting tools, and agentless monitoring to allow file integrity checking on network devices (including firewalls, routers, etc). It also comes with support for new log formats, including Checkpoint logs, Yum, and a few more. Image

Image

More...
This User Gave Thanks to Linux Bot For This Post:
 

2 More Discussions You Might Find Interesting

1. Cybersecurity

Not being able to run SYSCHEKD in OSSEC local (HIDS)

I am newbee to OSSEC. My objective is to install OSSEC in a ubuntu 10.04 server, configure it and then install rootkits, tamper files and then scan for possible notification and alerts. BUT I tired and then changed few setting in ossec.conf but its nearly similar to default setting. After... (1 Reply)
Discussion started by: metalaarif
1 Replies

2. Red Hat

Regding OSSEC

FYI... Installed OSSEC server version 2.6 in Cent OS 6.2 and agents are web servers installed in chroot environment. Moreover ossec server and apache (web servers are agents) are installed in separate machines. In ossec.conf file, added below configuration in both server and agent. ... (0 Replies)
Discussion started by: vamsi_k
0 Replies

LEARN ABOUT HPUX

enable_idds

enable_idds(5)							File Formats Manual						    enable_idds(5)

NAME

       enable_idds - enable intrusion detection data source

VALUES

   Failsafe
   Default
   Allowed values
       or

   Recommended values
       if HP-UX HIDS is installed,

       otherwise.

DESCRIPTION

       From HP-UX 11i Version 3 onwards, the tunable is replaced by the dynamic tunable audit_track_paths(5).

       If  is set to then the HP-UX Host Intrusion Detection System (HP-UX HIDS) can enable the collection of kernel data for intrusion detection.
       This also causes additional things to be tracked by the kernel, resulting in a small degradation in performance	(and  increase	in  kernel
       memory usage), even if HP-UX HIDS is not in use.

   Who Is Expected to Change This Tunable?
       Anyone using HP-UX HIDS.

   Restrictions on Changing
       Changes to this tunable take effect at the next reboot.

   When Should the Tunable Be Turned On?
       This tunable should be turned on if HP-UX HIDS is installed.  The installation will automatically turn on

   What Are the Side Effects of Turning the Tunable On?
       The  name of the current working directory (and root directory) of every process is tracked, resulting in a change in memory usage and per-
       formance of the system.

   When Should the Tunable Be Turned Off?
       If HP-UX HIDS is not being used should be turned off.

   What Are the Side Effects of Turning the Tunable Off?
       When turned off, HP-UX HIDS is unable to use any detection template that uses (See the documentation for HP-UX HIDS for more information on

   What Other Tunables Should Be Changed at the Same Time?
       This tunable is independent of other tunables.

WARNINGS

       This tunable has been replaced by

       All HP-UX kernel tunable parameters are release-specific.  This parameter may be removed or have its meaning changed in future releases	of
       HP-UX.

       Installation  of  optional  kernel  software, from HP or other vendors, may cause changes to tunable parameter values.  After installation,
       some tunable parameters may no longer be at the default or recommended values.  For information about the effects of installation  on  tun-
       able  values,  consult  the documentation for the kernel software being installed.  For information about optional kernel software that was
       factory installed on your system, see at

AUTHOR

       was developed by HP.

SEE ALSO

       audit_track_paths(5), ids.cf(5),

OBSOLETED
						     Tunable Kernel Parameters						    enable_idds(5)
All times are GMT -4. The time now is 10:35 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy