OSSEC v2.3 BETA available

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active respons

New features - v2.3

  • Added support for the Nginx web server.
  • Added support for Suhosin (Hardened PHP).
  • Added support for real time integrity monitoring on Windows systems
  • Added support for monitoring the output of commands on Linux and Windows.
  • Added rules for PHP Warnings/errors.
  • Fixed the way we read log files on Windows to properly support rotation without locking the files.
  • Added support for Windows environment variables in the "location" field of log monitoring.
  • Added check to avoid reading the same log file twice on incorrect configurations.

A list with all changes is available at: http://www.ossec.net/announcements/v2.3.txt

Post scriptum

Compliance Mandates

  • IDS :

    PCI DSS 10.6, 11.4, SOX A13.2, DS5.10, GLBA 16CFR Part 314.4(b) and (3), HIPAA 164.306(a)(2), 164.308(a)(1) 164.308(a)(6)42, FISMA SI-4, AC-2, ISO 27001/27002 10.6.2,
    10.10.1, 10.10.2, 10.10.4, 15.1.5

  • Network Monitoring :

    PCI DSS Requirements 3, 4, SOX DS13.4, HIPAA 164.310(d)(1),
    164.312(a)(2)(iv), FISMA SI-4, AU-2, ISO 27001/27002 12.5.4, 15.1.5


Related Articles

Data Mining
IDS
Network Monitoring
OSSEC