Host intrusion detection with OSSEC

James Turnbull
10.11.2006

No one wants an intruder in the corporate network, and one key way to fight against intruders is to be able to detect them.

Intrusion detection and prevention services (IDS/IPS) are broken down into two broad categories: network- and host-based services. Network-based IDS/IPS (Snort, for example) detects and potentially prevents network-borne attacks. Host-based IDS/IPS detects and potentially prevents threats at a host level. In this article, we’ll discuss OSSEC, an open source IDS/IPS that works on the host level.

Read more at SearchOpenSource.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s