Monthly Archives: October 2009

Week of OSSEC

Michael Starks from Immutable Security finished today his series of articles about OSSEC called “Week of OSSEC“. It was meant to coincide with his speak on OSSEC at the Rochester Security Summit. From his blog: As a service to the … Continue reading

Posted in ossec, tips | Leave a comment

Creating a separated directory for testing OSSEC rules/config

A question that I often hear is how to use a separated directory for testing OSSEC rules and the configuration. The easiest way is by doing the follow: Choose the new directory to use as a test-base. In my case … Continue reading

Posted in ossec, rules | Leave a comment

Realtime file integrity monitoring

OSSEC supports realtime (continuous) file integrity monitoring on Linux systems (since v2.2) and on the latest snapshot we added support for Windows too. The configuration is very simple. In the <directories> option where you specify what files or directories to … Continue reading

Posted in ossec | Leave a comment

Using OSSEC to monitor ModSecurity and WordPress

Russ McRee wrote a very good article about using OSSEC to monitor Modsecurity and WordPress. It is an extension to his paper published at the ISSA journal about OSSEC too. Both very good reads.

Posted in ossec | Leave a comment