"OSSEC is an open source host-based IDS/IPS that has two major
modes of operation. In my last tip (link to previous OSSEC tip), I
discussed how to install a stand-alone instance of OSSEC to run on
a single machine. In this tip, I will look at OSSEC's other mode of
operation--a server and agent model.
"In this mode, a central OSSEC server manages a series of remote
OSSEC agents. The agents generate alerts and regular status
reports, and these are forwarded to the central server and
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.