Posts Tagged ‘Intrusion Detection System (IDS)’
Installing OSSEC on Linux Distributions
The last few posts have been about deploying and configuring OSSEC as an important tool in your security suite. In this article I will provide you with a script I wrote to help you quickly deploy OSSEC. This script assumes you are deploying on a Linux distribution (e.g., Fedora, Ubuntu, CentOS, or Debian). It will force…
OSSEC For Website Security: PART II – Distributed Architectures Using Agents and Managers
This article assumes you already have OSSEC deployed. If you need a refresher, refer to Part I of OSSEC for website security, written March 2013. OSSEC is a popular open-source Host Intrusion Detection System (HIDS). It was founded by Daniel Cid, and is currently maintained by a very large community of security professionals. Please note that…
Open-Source CMS Security In The Enterprise
Regardless of the size of your organization, the security challenges with open-source Content Management Systems (CMS) are the same. In the enterprise the issue stems not from the technology or existing processes, but from the fact that security is slipping through our fingers. We’ve made it too difficult for our counterparts in marketing and sales, and where there…
OSSEC: Stop Agent Email Notifications from Being Grouped
This is a quick post for those of you that manage multiple agents under your manager: there might be instances where your email notifications will group different agent notifications together. This has to do with two things: the number of emails sent in an hour, and the grouping setting being On. Default Max Emails: By default, OSSEC has a…
OSSEC – Detecting New Files – Understanding How it Works
I recently saw some discussion in the OSSEC distribution list of someone having an issue with getting OSSEC syscheck to work right in real-time. It reminded me of a similar issue I had with my own configuration and others I have read about, so I figured I’d write something to shed light on how OSSEC’s…