IDS/IPS and File Integrity Monitory Systems

Colby W. colbyw at gmail.com
Thu Sep 27 18:47:04 MDT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 9/27/07, Kenneth Burgener <kenneth at mail1.ttak.org> wrote:
> Colby W. wrote:
> > Kenneth,
> >
> > Take a look at OSSEC HIDS (http://www.ossec.net).
>
> Thanks Colby, that looks like a good suggestion.  Have you used OSSEC
> HIDS in a production environment?  Is it pretty reliable?
>

I don't have a production environment to use it with but there are
some folk in #ossec (freenode) who do. Some have it deployed to
several hundred computers; OSSEC is very scalable.

Reliable? Yes, very much so and its reliability increases with each
release--I've been using it for a little over a year now. I'm looking
forward to the next release that'll support database logs and logging
to databases (pgsql, mysql, etc.).

 --- Colby

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBRvxOm+y+Nn4pThDhAQreDwf8C+pnL0TL9rAzVwgspmwsCnMd2hrzxDHP
6waW4yssyx6ZQAEfQuAH/nHh//Ln4EMVgtlGF/NMzpbSY2fntza672spJt+hzM3J
VA/g4hDGyXvHN5/U0m7b+7qha5JDTMv6oVPj6Y2TQwY1r1eTj0Q4WHcGd79IVH38
x8Z7gb+ymT7w/RlC01Qc/D1qQ1tMQAQsO+dCbR2C3N3TcCeW3AqxJf4pnBjBTOLD
y5ZTCv0qNI6gu2v4REo8KN/RMEQBUYMvmLFc9Ql9VSoPFi/2T+F9yJiCLikVKuvu
mHGnlpmS4KZ8k2OOzR+xLauHfEoBK1QsurAPv7V3aIxjif0ww7vl3Q==
=4vzP
-----END PGP SIGNATURE-----



More information about the PLUG mailing list