• Subscribe to the low volume list for updates.

Archives of #ossec

OSSEC Introduction and Installation Guide

OSSEC is a Host Based Intrusion Detection and Prevention system. Best practice security management calls for a layered approach to security; security vulnerability scanning, a firewall, strong passwords, patch management and intrusion detection capabilities are all important layers. Using a HIDS allows you to have real time visibility into what security events are taking place […]

Enable OSSEC Active Response

Many OSSEC users start of running with active response disabled to ensure that the OSSEC agent does not affect the server especially when running in a live production environment. Once you have an understanding of the number of alerts and types of alerts you are seeing, it is a good idea to enable active response. […]