delicious

OSSEC

A murb'ed feed, posted about 8 years ago filed in security, monitoring, server, web, internet, intrusion, detection, ips, scanning, system & open source.

One of the often mentioned IPS’s. It’s setup is more aimed at large orgs managing clusters of machines; given its client/server based model with agents and servers. From the project’s homepage:

Watching

OSSEC watches it all, actively monitoring all aspects of system activity with file integrity monitoring, log monitoring, rootcheck, and process monitoring. With OSSEC you won’t be in the dark about what is happening to your valuable computer system assets.

Alerting

When attacks happen OSSEC lets you know through alert logs and email alerts sent to you and your IT staff so you can take quick actions. OSSEC also exports alerts to any SIEM system via syslog so you can get real-time analytics and insights into your system security events.

Everywhere

Got a variety of operating systems to support and protect? OSSEC has you covered with comprehensive host based intrusion detection across multiple platforms including Linux,Solaris, AIX, HP-UX, BSD, Windows, Mac and VMware ESX.

Go to the original link.