OSSEC HIDS is an Open Source Host-based Intrusion
Detection System. It performs log analysis, integrity
checking, rootkit detection, time-based alerting and
active response.
It runs on most operating systems, including Linux,
OpenBSD, FreeBSD, Solaris and Windows.
This is the first version offering native support for
Windows (XP/2000/2003). It includes as well a new set
of log analysis rules for sendmail, web logs (Apache
and IIS), IDSs and Windows authentication events.
The correlation rules for squid, mail logs, firewall
events and authentication systems have been improved,
now detecting scans, worms and internal attacks.
The active-responses were also refined, with support
to
IPFW (FreeBSD) added.
The installation process was re-organized, now
including simpler configuration options and
translation
on 6 different languages (English, Portuguese, German,
Turkish, Polish and Italian).
To download the Unix and Windows versions:
http://www.ossec.net/en/downloads.html
More information:
http://www.ossec.net/en/v08-2006-05-12.html
Windows support information:
http://www.ossec.net/en/manual.html#windows
Use our mailling list if you have questions or
comments:
http://www.ossec.net/en/mailing_lists.html
Thanks,
--
Daniel B. Cid
dcid @ ( at )ossec.net
http://www.ossec.net
_______________________________________________________
Abra sua conta no Yahoo! Mail: 1GB de espaço, alertas de e-mail no celular e
anti-spam realmente eficaz.
http://br.info.mail.yahoo.com/
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
