Linux Today: Linux News On Internet Time.

HowtoForge: Securing Your Server With A Host-based Intrusion Detection System

Sep 21, 2006, 07:30

[ Thanks to Falko Timme for this link. ]

"This article shows how to install and run OSSEC HIDS, an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response. It helps you detect attacks, software misuse, policy violations and other forms of inappropriate activities.

"With OSSEC HIDS you can monitor multiple systems, with one system being the OSSEC HIDS server and the others the OSSEC HIDS agents that report back to the server. However, in this tutorial I want to monitor just one system, so I perform a 'local' installation so that OSSEC HIDS will do its work locally on that system..."
