Version 0.7 of the OSSEC HIDS is now available - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: February 9th, 2010

Linux Advisory Watch: February 5th, 2010

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Version 0.7 of the OSSEC HIDS is now available

User Rating:

How can I rate this item?

Source: Daniel Cid - Posted by Benjamin D. Thomas

OSSEC HIDS is an open source host-based intrusion detection system. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response.

This is one of the most improved versions so far. It now includes support for squid, pure-ftpd, postfix and AIX ipsec logs (in addition to a lot of improvements to the previous rules).

The integrity checking engine now allows granular options, where you can specify exactly what options you want to monitor (checksum, size, ownership, etc).

The rootkit detection had a lot of improvements too, reducing false positives on most of the systems and with a lot of new anomaly checks to detect kernel level rootkits.

We also have a new website and the installation in 4 different languages (portuguese, english, german and turkish). More Information:
http://www.ossec.net

Complete Changelog:
http://www.ossec.net/en/v07-2006-03-29.html

To download the new version:
http://www.ossec.net/files/ossec-hids-0.7.tar.gz

Use our mailling list if you have any questions, suggestions or comments :
http://www.ossec.net/en/mailing_lists.html

Read this full article at Daniel Cid