OSSEC 2.7 Now Has Hybrid Mode

After one year of hiatus, the Open Source Host-based Intrusion Detection System is back

By on November 21st, 2012 09:39 GMT

OSSEC, an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response, is now at version 2.7.

It's been over a year from the previous major version of OSSEC, 2.6, which was released back in July 2011. In that time, a lot of developers have contributed with patches, enhancing the application considerably.

Highlights of OSSEC 2.7:

• Hybrid mode has been added, allowing the host to be both a server and an agent, useful for multi-tier OSSEC deployment;
• manage_agents -f option has been added for bulk generation of client keys from an input file;
• Prelinking support has been added, reducing the confusion when a file change is the result of prelinking;
• Fine-grained configuration control has been added;
• GeoIP lookup support has been added.

A complete list of changes and updates can be found in the official announcement.

Download OSSEC 2.7
right now from Softpedia.

Comments