OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response.
This version comes with lots of new features, including support for OpenBSD PF and Zeus web server logs, compiled (C-based) decoders, daily/chained checksum of alert logs, granular e-mail alerting options and SMS format output.
We also completed a large re-design of the internal architecture of analysisd (the OSSEC process responsible for decoding and analysis), greatly improving performance and organization.
You can download it from:
http://www.ossec.net/en/downloads.html
More information:
OSSEC News
Full changelog:
http://www.ossec.net/announcements/v1.2-2007-05-16.txt
Link: ossec.net