Collaborate Disseminate
I am starting with OSSEC for file integrity check in a bunch of Windows servers and CentOS. And I would like to keep a centralized configuration of what to check for all my agents, based on they OS.
Rerearching about Central… Continue reading OSSEC – Can i centralize what file to check with centralized agent config?
I’ve installed OSSEC using ssh. Now I want to test it out. How can I trigger some of its rules? I am using OSSEC 2.9.1
This has proved an annoyance for the past several days, and I have yet to figure out the root cause.
In a lab, I’ve setup two virtual machines, an OSSEC Server Appliance and a Windows 7 x64 Enterprise SP1 client.
Both seem … Continue reading OSSEC Windows Agent Fails to Sync Configuration
I published the following diary on isc.sans.org: “Detecting Undisclosed Vulnerabilities with Security Tools & Features“. I’m a big fan of OSSEC. This tools is an open source HIDS and log management tool. Although often considered as the “SIEM of the poor”, it integrates a lot of interesting features and is fully configurable
[The post [SANS ISC Diary] Detecting Undisclosed Vulnerabilities with Security Tools & Features has been first published on /dev/random]
I published the following diary on isc.sans.org: Hunting for Malicious Files with MISP + OSSEC.
[The post [SANS ISC Diary] Hunting for Malicious Files with MISP + OSSEC has been first published on /dev/random]
Continue reading [SANS ISC Diary] Hunting for Malicious Files with MISP + OSSEC