OSSEC HIDS 0.7: Improved Rootkit Detection and Log Analysis
Mar 29, 2006
•
Anthony Pell
1 min read
OSSEC HIDS is an open source host-based intrusion
detection system. It performs log analysis, integrity
checking, rootkit detection, time-based alerting and
active response.
This is one of the most improved versions so far. It now includes support for squid, pure-ftpd, postfix and AIX ipsec logs (in addition to a lot of improvements to the previous rules).
The integrity checking engine now allows granular options, where you can specify exactly what options you want to monitor (checksum, size, ownership, etc).The rootkit detection had a lot of improvements too, reducing false positives on most of the systems and with a lot of new anomaly checks to detect kernel level rootkits.
We also have a new website and the installation in 4
different languages (portuguese, english, german and
turkish).
More Information:
Complete Changelog:
To download the new version:
Use our mailling list if you have any questions,
suggestions or comments :
OSSEC - World's Most Widely Used Host Intrusion Detection System - HIDS
PREVIOUS
NEXT
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!