Monthly Archives: January 2009

Agentless monitoring updated (v2.0 preview)

Posted on January 28, 2009 by danielcid

*updated from http://www.ossec.net/dcid/?p=154 by adding support for su and public key authentication Agentless monitoring is another big feature coming up with our next version. Basically, it allows you to run integrity checking (and in the future log monitoring) on systems … Continue reading →

Posted in ossec, v20 | 1 Comment

OSSEC being detected as a malware

Posted on January 5, 2009 by danielcid

Some anti-virus products (BitDefender, F-Secure, etc) are detecting the version 1.6.1 of the OSSEC Windows Agent as a malware (more specifically Generic.Qhost). We tried contacting some of them without much success. If you get any warning like that, it is … Continue reading →

Posted in ossec, windows | 1 Comment

Another book review

Posted on January 2, 2009 by danielcid

I just saw another review of the OSSEC book, this time by Kurt R. Hinson: In these days of tight and/or frozen budgets, utilizing open source applications has become a must for many of us in the security realm. OSSEC … Continue reading →

Posted in book, ossec | Leave a comment

OSSEC book as ‘Best Book Bejtlich Read in 2008′

Posted on January 2, 2009 by danielcid

I was glad to read that Richard Bejtlich considered the OSSEC book one of his best reads of 2008. From the post: by Rory Bray, Daniel Cid and Andrew Hay. I have to congratulate the author team for OHG. Writing … Continue reading →

Posted in book, ossec | Leave a comment