Posts categorized as 'ossec'

OSSEC conference - 2019 - The untold story of OSSEC

Presenting at OSSECcon2019, about the story and the beginning of OSSEC.



Posted in ossec   presentation     /   2019-03-20

OSSEC v2016-04: Improving detection

As promised, I didn't let the momentum die off. Releasing today v2016-04 with multiple improvements to our log engine and rootcheck.



Posted in ossec   releases     /   2016-04-07

OSSEC v2016-02: New rules options + GeoIP by default

One more release to keep the momentum going. Included the last work with the different_* option in the rules, along with MaxMind by default and new rules.



Posted in ossec   releases     /   2016-02-03

OSSEC v2015-12: GeoIP + Integratord

I guess I didn’t keep my promise to push my OSSEC changes into the open source world as often as I would have wanted. But at least I made up for it with some nice new features.



Posted in ossec   releases     /   2015-12-30

OSSEC rule for the PHP-CGI vulnerability

I am seeing many scans for the PHP-CGI vulnerability in the wild and put up a quick OSSEC rule to detect/block those.



Posted in ossec   ossec-rules     /   2012-05-09

Setting up OSSEC - Step by step guide

Setting up OSSEC - A step by step guide on how to install and configure OSSEC.



Posted in ossec     /   2012-04-21

3WoO: Alerting on DNS (IP Address) changes

An easy way to monitor the integrity of your DNS is by checking remotely that the A/AAAA records have not been changed.



Posted in ossec   dns     /   2011-10-25

Detecting outdated (web) applications with OSSEC

Detecting outdated open source (web) applications with OSSEC: WordPress, Joomla, etc.



Posted in ossec   auditing     /   2011-09-21

Improved reporting for file changes on OSSEC

Improved reporting for file changes on OSSEC to display the files and locations.



Posted in ossec   syscheck     /   2011-05-26

Running multiple OSSEC decoders on the same event

Running multiple OSSEC decoders on the same event to extract additional information from the logs.



Posted in ossec   decoders     /   2011-04-05

Blocking repeated offenders with OSSEC

Blocking repeated offenders with OSSEC by increasing the block timeout every time.



Posted in ossec   responses     /   2011-02-11

Automatically creating and setting up the agent keys for OSSEC

Automatically creating and setting up the agent keys for authd on OSSEC



Posted in ossec     /   2011-01-19

OSSEC Award daemon

I just got this award daemon via the mail today from the OSSEC community.



Posted in ossec   love     /   2010-10-20

How to contribute to OSSEC

How to contribute to OSSEC and any other open source project.



Posted in ossec   open-source     /   2010-10-19

OSSEC v2.5 released

We are very happy to announce the availability of OSSEC version 2.5.



Posted in ossec   releases     /   2010-09-27

OSSEC v2.4 released

We are very happy to announce the availability of OSSEC version 2.4.



Posted in ossec   releases     /   2010-04-01

OSSEC Alerting when a log or output of a command changes

If you want to create OSSEC alerts when a log or the output of a command changes, take a look at the new check_diff option.



Posted in ossec   check_diff     /   2010-03-11

New member of the OSSEC team: Priscila Cid

I am happy to announce the arrival of the newest member of the OSSEC team: Priscila!



Posted in ossec   family     /   2010-02-09

OSSEC v2.3 released

We are very happy to announce the availability of OSSEC version 2.3.



Posted in ossec   releases     /   2009-12-07

Process monitoring with OSSEC

How to monitor processes and their output with OSSEC.



Posted in ossec     /   2009-11-05

Q&A: OSSEC interview with Daniel Cid

Q&A: OSSEC, the open source host-based intrusion detection system with Daniel Cid



Posted in ossec   interview     /   2009-08-21

Compiling the Windows Agent from a Linux system

How to compile the OSSEC Windows agent from a Linux system using Mingw.



Posted in ossec   windows     /   2009-06-12

OSSEC v2.0 released

We are very happy to announce the availability of OSSEC version 2.0.



Posted in ossec   releases     /   2009-02-27

Sending OSSEC alerts via syslog

We just added support to allow you to send OSSEC alerts to a remote syslog server.



Posted in ossec   syslog     /   2008-07-25

Third Brigade acquires OSSEC

OSSEC project acquired by Third Brigade



Posted in ossec   acquisition     /   2008-06-17

OSSEC v1.5 released

We are very happy to announce the availability of OSSEC version 1.5.



Posted in ossec   releases     /   2008-05-01

OSSEC book is out

OSSEC book is out and ready for pre-order.



Posted in ossec   book     /   2008-01-23

OSSEC at the 'Own the Box' competition

OSSEC helping at Defcon's 'Own the Box' competition.



Posted in ossec   defcon     /   2007-09-05

OSSEC switching to GPLv3

OSSEC will be switching to the GPLv3 in the next release.



Posted in ossec   gpl     /   2007-07-12

OSSEC Presentations at AusCERT/Confidence

During the month of May I went to AusCERT and Confidence to talk about OSSEC (i.e. Log analysis using OSSEC).



Posted in ossec   presentations     /   2007-06-02

Daily/Chained checksum of OSSEC alerts

Daily/Chained checksum of OSSEC alerts for log integrity.



Posted in ossec     /   2007-05-01

OSSEC performance testing (v2)

Performance testing results for OSSEC v1.1 - expanded.



Posted in ossec   performance     /   2007-04-10

New member of the OSSEC team: Davi Cid

I am happy to announce the arrival of the newest member of the OSSEC team: Davi!



Posted in ossec   family     /   2007-03-18

2006 OSSEC download numbers

2006 OSSEC download numbers from version 0.5 to 0.9.3.



Posted in ossec   stats     /   2007-01-09

Analysis of SSH brute force attacks

Username and password analysis of SSH brute force scans and attacks.



Posted in ossec   releases     /   2006-03-20

Coding for fun and profit. Often fun and little profit.