Monthly Archives: October 2009

Week of OSSEC

Posted on October 31, 2009 by danielcid

Michael Starks from Immutable Security finished today his series of articles about OSSEC called “Week of OSSEC“. It was meant to coincide with his speak on OSSEC at the Rochester Security Summit. From his blog: As a service to the … Continue reading →

Posted in ossec, tips | Leave a comment

Creating a separated directory for testing OSSEC rules/config

Posted on October 28, 2009 by danielcid

A question that I often hear is how to use a separated directory for testing OSSEC rules and the configuration. The easiest way is by doing the follow: Choose the new directory to use as a test-base. In my case … Continue reading →

Posted in ossec, rules | Leave a comment

Realtime file integrity monitoring

Posted on October 8, 2009 by danielcid

OSSEC supports realtime (continuous) file integrity monitoring on Linux systems (since v2.2) and on the latest snapshot we added support for Windows too. The configuration is very simple. In the <directories> option where you specify what files or directories to … Continue reading →

Posted in ossec | Leave a comment

Using OSSEC to monitor ModSecurity and WordPress

Posted on October 6, 2009 by danielcid

Russ McRee wrote a very good article about using OSSEC to monitor Modsecurity and WordPress. It is an extension to his paper published at the ISSA journal about OSSEC too. Both very good reads.

Posted in ossec | Leave a comment