After one year of hiatus, the Open Source Host-based Intrusion Detection System is back
OSSEC, an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response, is now at version 2.7. It has been over a year since the previous major version of OSSEC, 2.6, which was released back in July 2011. In that time, many developers have contributed patches, enhancing the application considerably.
Highlights of OSSEC 2.7:
• Hybrid mode has been added, allowing a host to be both a server and an agent, which is useful for multi-tier OSSEC deployments;
• The manage_agents -f option has been added for bulk generation of client keys from an input file;
• Prelinking support has been added, reducing the confusion when a file change is the result of prelinking;
• Fine-grained configuration control has been added;
• GeoIP lookup support has been added.
A complete list of changes and updates can be found in the official announcement.
Download OSSEC 2.7 right now from Softpedia.