OSSEC HIDS Open Source Host-based Intrusion Detection System
Download

OSSEC HIDS Ranking & Summary

OSSEC HIDS Tags

detector log analyzer Rootkit Rootkit Detection intrusion detector intrusion

OSSEC HIDS Description

OSSEC is a host-based intrusion detection system (HIDS) that can keep the machines in a network safe from various malicious attacks. The system can perform integrity checking tasks on the machines as well as monitor the registry area or detect the presence of rootkits. The system is composed of two parts, an agent that runs on the client machine and a server that can manages the policies.Uneventful installation procedureEven if it may sound like a daunting operation, installing the agent on the computer is no more complicated than adding any other application to the system. However, in this case there is the possibility to choose the components to be included in the process; this refers to IIS (Internet Information Services) scanning and log monitoring and turning on the integrity checking module. Purpose and configurationThe application window is far from being complicated, even for a less experienced user. If the server side of the system has already been prepared all you have to do is provide its address and the authentication key in order to establish the connection. Apart from the above mentioned activities the agent can keep an eye on the event log in real time and check the system folders for changes as well as check the current policies in order to make sure that the system is configured properly. All configuration of the agent has to be carried out manually by editing a text file containing all the necessary parameters. Simple agent for host-based intrusion detection systemInstalling the agent is not a tough job, but setting it up for to send the necessary information to the server requires some knowledge and has to be done by a system administrator. Reviewed by Ionut Ilascu, last updated on May 17th, 2014

OSSEC HIDS Related Software