The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
Difference between revisions of "EGI CSIRT:TDG/IDS"
(→Ossec) |
|||
| Line 7: | Line 7: | ||
=== Ossec === | === Ossec === | ||
[http://www.ossec.net/ OSSEC] is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. | [http://www.ossec.net/ OSSEC] is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. | ||
It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows | It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows. | ||
Revision as of 15:11, 5 March 2012
EGI-CSIRT Public wiki EGI-CSIRT Private wiki
EGI-CSIRT Contacts | Back to TDG Main
Intrusion Detection Systems (IDS)
Samhain IDS
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available.
Ossec
OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows.