Installing OSSEC on Linux Distributions

The last few posts have been about deploying and configuring OSSEC as an important tool in your security suite. In this article I will provide you a script I wrote to help you quickly deploy OSSEC. This script assumes you are deploying on a Linux distribution (e.g., Fedora, Ubuntu, CentOS, or Debian). It will force…

Read More

Open-Source CMS Security In The Enterprise

Regardless of the size of your organization, the security challenges with open-source Content Management Systems (CMS) security are the same. In the enterprise the issue stems not from the technology or existing processes, but the fact that security is slipping through our fingers. We’ve made it too difficult for our counter parts in marketing and sales, and where there…

Read More

OSSEC: Stop Agent Email Notifications from Being Grouped

email

This a quick post, for those of you that manage multiple agents under your manager, there might be instances where your email notifications will group different agent notifications together. This has to do with two things: Number of emails sent in an hour Grouping setting is On Default Max Emails By default, OSSEC has a…

Read More

OSSEC – Detecting New Files – Understanding How it Works

Security

I recently saw some discussion in the OSSEC distribution list of someone having an issue with getting OSSEC syscheck to work right in real-time. It reminded me of a similar issue I had with my own configuration and others I have read about, so I figured I’d write something to shed light on how OSSEC’s…

Read More