Monthly Archives: April 2007
OSSEC at the SANS log management summit
David Bianco recently spoke about OSSEC at the SANS Log Management Summit 2007, with the presentation: “How to Save $45k (and Look Great Doing it)”. Quoting his blog entry reviewing the summit: On Tuesday morning, I gave my own presentation, … Continue reading
Posted in log analysis, ossec
CEE – Logging standard
If you are not on the log analysis mailing list, you are missing a good discussion regarding the efforts to create a new logging standard, CEE (Common Event Expression). MITRE is in charge of the process, but it is probably … Continue reading
Posted in CEE, log analysis
Free Lunch :: OSSEC Review
Andrew Storms from ncircle posted an interesting review of ossec on his blog (also on the ncircle main blog): OSSEC is an open source host based intrusion detection system. The website states, “It performs log analysis, integrity checking, Windows registry … Continue reading
Posted in ossec
Wiki editing blocked (vandalism)
I decided to block any form of editing to the ossec wiki for reasons of vandalism. If you look at the wiki recent changes page you will see the changes that were made. Most of them were very strange to … Continue reading
Posted in log analysis, wiki
OSSEC performance (v2)
During the release of ossec v1.0, I posted some performance numbers regarding that version. Even though I know most performance tests do not prove anything per se, I was able to see how many events per second an old PIII … Continue reading
Posted in ossec
How to compile ossec on Windows?
This is not the first time I have been asked this, so I decided to write it up here in case anyone else is interested. First of all, ossec is compiled using MinGW, so we have only used it with gcc. … Continue reading
Posted in ossec, windows
Contributing to the ui development
I have received a lot of feedback from the community regarding the web interface, with lots of offers to help. If you are interested in being a part of the UI development team, check out the following link with some ideas … Continue reading
Posted in ossec-ui