After one year of hiatus, the Open Source Host-based Intrusion Detection System is back

Nov 21, 2012 09:39 GMT  ·  By

OSSEC, an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response, is now at version 2.7.

It's been over a year from the previous major version of OSSEC, 2.6, which was released back in July 2011. In that time, a lot of developers have contributed with patches, enhancing the application considerably.

Highlights of OSSEC 2.7:

• Hybrid mode has been added, allowing the host to be both a server and an agent, useful for multi-tier OSSEC deployment; • manage_agents -f option has been added for bulk generation of client keys from an input file; • Prelinking support has been added, reducing the confusion when a file change is the result of prelinking; • Fine-grained configuration control has been added; • GeoIP lookup support has been added.

A complete list of changes and updates can be found in the official announcement. Download OSSEC 2.7 right now from Softpedia.