OSSEC Agent to Server Connection Issues
So naturally, as of late, I have found myself doing more than I probably need to on my servers and in the process causing more headaches than required. One of...
OSSEC For Website Security: Part I
OSSEC is my preferred host-based intrusion detection system (HIDS). I have to admit I am a bit partial to it because my good friend Daniel Cid built it and sold...
Curious to See a DDOS in Action?
I’ve always wondered what a Distributed Denial of Service (DDOS) really looks like. Fortunately, there is now this pretty awesome video illustration of what it looks like: How cool is...
OSSEC – Error: PostgreSQL client libraries not installed.
I was playing with OSSEC this afternoon and trying to get it configured to work with MySQL and when I was running make on the DB setup I was getting...
OSSEC – Detecting New Files – Understanding How it Works
I recently saw some discussion in the OSSEC distribution list of someone having an issue with getting OSSEC’s syscheck to work right in real-time. It reminded me of a similar...
OSSEC: Stop Agent Email Notifications from Being Grouped
This is a quick post. For those of you that manage multiple agents under your manager, there might be instances where your email notifications will group different agent notifications together. This...
Forensics: Analyzing a WordPress Attack / Hack
Recently one of our honeypots was hit by an attacker and in the process we were able to gather a bunch of good intelligence on the actions taken by the...
OSSEC For Website Security: PART II – Distributed Architectures Using Agents...
This article assumes you already have OSSEC deployed. If you need a refresher, refer to Part I of OSSEC for website security, written March 2013. OSSEC is popular open-source...