OSSEC Presentations at AusCERT/Confidence

Posted on June 2, 2007 by danielcid

During the month of May I went to AusCERT and Confidence to talk about OSSEC (i.e. Log analysis using OSSEC). On both presentations I mentioned LIDS (Log-Based intrusion detection), and provided an overview of the ossec architecture and how to write decoders and rules. If you want to learn a bit more about ossec, take a look at them.

**Note that both presentations are very similar, but the AusCERT one is a bit more organized, so recommended to be read first.

  • OSSEC at AusCERT (Log-based Intrusion detection using OSSEC).
  • OSSEC at Confidence (Log analysis using OSSEC).

    • Hope you enjoy!

    This entry was posted in auscert, CONF2007, ossec. Bookmark the permalink.

    2 Responses to OSSEC Presentations at AusCERT/Confidence

    1. Kasi Sama says:
      August 23, 2007 at 10:45 am

      Very well written and nicely presented presentation. Puts you on track on understanding the rules and its flow.

      Keep up the good work Daniel.

      Kasi

      Reply
    2. dcid says:
      August 23, 2007 at 10:58 am

      Hi Kasi,

      Thanks for the nice words :)

      Daniel

      Reply

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>