Protecting Computers with OSSEC

OSSEC is a five letter acronym for security. It stands for Open Source Security. OSSEC is free, host-based intrusion detection system (HIDS) that can help to protect your computers and servers from a variety of attacks. OSSEC analyzes your computers logs for attack signatures, performs integrity checking on your files, monitors the Windows registry, assists in rootkit detection, time-based alerting, and active response. It provides intrusion detection for most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows. OSSEC’s centralized, cross-platform architecture allowing multiple systems and operating systems to be easily monitored and managed. It was written by Daniel B. Cid and made public in 2004.

We are currently experimenting with deploying OSSEC on some systems to determine if it is possible to adopt it for our customers’ systems. Since it is a distributed platform the more people who employ it the smarter it gets at preventing attacks on the network.

// //