Results 1 to 3 of 3

Thread: OSSEC - HIDS

  1. #1
    Ash Palmer
    Guest

    OSSEC - HIDS

    Hey all,
    Check this HIDS software out www.ossec.net.
    I've found a few false positives regarding binary string searching part
    of the rootkit checker. Other than that its awesome!

    What yar all think? :)

    Ta,
    --
    Ash Palmer
    Network Security Logistics - SevenL Networks Inc.

    www: http://www.sevenl.net
    pkey: BF66 27B2 F2AA A919 1AE9 DBDF 2993 ADD5 5767 1606


  2. #2
    Dale Elfes
    Guest

    Re: OSSEC - HIDS

    Ash Palmer wrote:
    > Hey all,
    > Check this HIDS software out www.ossec.net.
    > I've found a few false positives regarding binary string searching part
    > of the rootkit checker. Other than that its awesome!
    >
    > What yar all think? :)
    >
    > Ta,

    It is a very nice application. I've used it extensively on various
    flavors of 'nix. I have not used it on Windows though.

  3. #3
    Alex Elsayed
    Guest

    Re: OSSEC - HIDS

    Dale Elfes wrote:

    > Ash Palmer wrote:
    >> Hey all,
    >> Check this HIDS software out www.ossec.net.
    >> I've found a few false positives regarding binary string searching part
    >> of the rootkit checker. Other than that its awesome!
    >>
    >> What yar all think? :)
    >>
    >> Ta,

    > It is a very nice application. I've used it extensively on various
    > flavors of 'nix. I have not used it on Windows though.


    I've been meaning to try it, but its build system is _strange_.
    I've heard many good things about it though, so I'm debating
    the merits of installing it to a temporary directory and rolling
    my own distro-specific[0] package for it.

    [0] Gentoo with Paludis, meaning a call to importare(1)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •