Monthly Archives: June 2009

I (HEART) OSSEC

Justin Foster of DevelopingSecurity.com wrote an amazing article for the OSSEC site: In the open source world some projects have taken on beloved status by their loyal user base. OSSEC is one of them, and for good reason. For those …

Posted in ossec

Compiling the Windows Agent from a Linux system

It has always been a pain to generate snapshots for Windows because it required me to open up my Windows VM (slow), push the code there, compile, etc. Well, until this week when I started to play with MinGW cross-compilation …

Posted in c, ossec, windows

Centralized agent configuration

If you want to configure your agents remotely, you will be happy to know that we now support it. Right now, we allow centralized configuration for file integrity checking (syscheckd), rootkit detection (rootcheck) and log analysis. …

Posted in ossec | 2 Comments

OSSEC logtest online

Sucuri Security released an online version of the ossec-logtest tool. Paste your log in there and it will show what OSSEC thinks of it. Link: http://sucuri.net/index.php?page=docs&title=ossec

Posted in ossec

OSSEC uservoice

We are always getting lots of feature suggestions and ideas for OSSEC, and sometimes they are hard to track via email. We have our Bugzilla, but most users find it too complicated to use. Because of that, we are putting …

Posted in ossec, uservoice

Splunk + OSSEC Integration

This is a guest article by Dale Neufeld – canuck.eh at gmail.com. The status of the next version of the OSSEC web interface is one of the more commonly asked questions on the mailing list and is currently #2 on …

Posted in ossec | 1 Comment