SearchOpenSource: OSSEC: The Server and Agent Model
Oct 16, 2006, 09:00 (0 Talkback[s])
(Other stories by James Turnbull)
[ Thanks to Jane Walker for this link.
"OSSEC is an open source host-based IDS/IPS that has two major
modes of operation. In my last tip (link to previous OSSEC tip), I
discussed how to install a stand-alone instance of OSSEC to run on
a single machine. In this tip, I will look at OSSEC's other mode of
operation--a server and agent model.
"In this mode, a central OSSEC server manages a series of remote
OSSEC agents. The agents generate alerts and regular status
reports, and these are forwarded to the central server and