Skip to main content

OSSEC - Open source And Free Host Intrusion Detection System (HIDS)

As it clarify with name that it is host based intrusion detention system we need to set it up in host/server which we want to monitor.

Features

File Integrity checking
Log Monitoring
Rootkit detection
Active response

Benefits

Compliance Requirements -  PCI and HIPAA
Multi platform
Real-time and Configurable Alerts
Integration with current infrastructure
Centralized management
Agent and agentless monitoring

Configuration  

I did in Ubuntu so here are commands I used 

sudo apt get update -y
sudo apt-get install apache2 -y
sudo apt-get install build-essential -y
sudo apt get update -y
wget https://github.com/ossec/ossec-hids/archive/2.9.2.tar.gz
sudo tar -zxvf 2.9.2.tar.gz
cd ossec-hids-2.9.2/
sudo ./install.sh
sudo /var/ossec/bin/ossec-control start
cd /home/ubuntu
wget https://github.com/ossec/ossec-wui/archive/master.zip
sudo apt-get install unzip -y
sudo unzip master.zip
mv ossec-wui-master /var/www/html/ossec
cd /var/www/html/ossec
 ./setup.sh
systemctl restart apache2
sudo apt-get update -y
sudo apt-get install php -y
sudo apt-get install build-essential gcc make apache2 libapache2-mod-php7.0 php7.0 php7.0-cli php7.0-common apache2-utils unzip wget sendmail inotify-tools -y

Video with full explanation  


Comments

Post a Comment

Popular posts from this blog

An Nvidia card was not detected in your system fix for Asus Laptops

This article explains how to fix issue like "NVIDIA display settings are not available" OR "An Nvidia card was not detected in your system" in your Asus laptop. The Error looks like  And GPU is not present in armory crate as well You will not be able to Nvidia driver in Device Manager as well To fix this go to your armory crate software and check if Eco mode is enabled in GPU mode. Select any other mode i.e., standard  If you do not see it in your Home Page, go to device and select GPU power saving option and select any other mode than Eco mode. As you select any other mode your GPU will be back This happens because Eco Mode Completely disables GPU for power saving from armory crate Made a video as well regarding this do check it out.
Post a Comment
Read more

OpenVAS vulnerability scanner

  OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of Greenbone Networks commercial vulnerability management solution from which developments are contributed to the Open Source community since 2009. ·          The actual security scanner is accompanied with a regularly updated feed of Network Vulnerability Tests (NVTs), over 50,000 in total. All OpenVAS products are Free Software. Most components are licensed under the GNU General Public License (GNU GPL). ·          About NVT Feed - Greenbone maintains a public feed of Network Vulnerability Tests (NVTs) for the OpenVAS project, the Greenbone Community Feed. It contains more than 50,000 NVTs, growing on a permanent basis. This feed is configured as the default for the OpenVAS Scanner and relates to the Gr...
Post a Comment
Read more