OSSEC HIDS v0.4 available - log analysis, rootkit detection and integrity checking
Source: Daniel Cid - Posted by Benjamin D. Thomas
Version 0.4 of the OSSEC HIDS is now available.
OSSEC HIDS is open source host-based intrusion detection software. It performs log analysis, integrity checking, rootkit detection and health monitoring.
All this information is correlated and analyzed by a single engine, creating a very powerful detection tool. OSSEC HIDS is very scalable, allowing you to easily monitor multiple systems from a central server.
This new version includes a new rootkit detection system, an improved integrity detection engine (much more complete and with much more detailed alerts), a faster and more powerful analysis system, and complete support for Solaris and MacOS (in addition to Linux, *BSD, etc).
Our FAQ (http://www.ossec.net/hids/faq.php) has more information and we have a new mailing list for the project (http://www.ossec.net/hids/index.php#Maillists).
A list of all new features is available here:
http://www.ossec.net/hids/announcements/v04-2005-10-26.txt
To look at the log analysis rules:
http://www.ossec.net/hids/rules/
For more information on the rootkit detection:
http://www.ossec.net/rootcheck/rootcheck.txt
To download:
http://www.ossec.net/hids/files/ossec-hids-0.4.tar.gz
For more information:
http://www.ossec.net/hids/