Tuesday 24 November 2009 - ( Keywords : Data Mining, IDS, Network Monitoring, OSSEC )
OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.
New features - v2.3
Added support for the Nginx web server.
Added support for Suhosin (Hardened PHP).
Added support for real-time integrity monitoring on Windows systems.
Added support for monitoring the output of commands on Linux and Windows.
Added rules for PHP Warnings/errors.
Fixed the way we read log files on Windows to properly support rotation without locking the files.
Added support for Windows environment variables in the "location" field of log monitoring.
Added check to avoid reading the same log file twice on incorrect configurations.
A list with all changes is available at: http://www.ossec.net/announcements/v2.3.txt
POSTSCRIPTUM
COMPLIANCE MANDATES
IDS : PCI DSS 10.6, 11.4, SOX A13.2, DS5.10, GLBA 16CFR Part 314.4(b) and (3), HIPAA 164.306(a)(2), 164.308(a)(1) 164.308(a)(6)42, FISMA SI-4, AC-2, ISO 27001/27002 10.6.2, 10.10.1, 10.10.2, 10.10.4, 15.1.5
Network Monitoring : PCI DSS Requirements 3, 4, SOX DS13.4, HIPAA 164.310(d)(1), 164.312(a)(2)(iv), FISMA SI-4, AU-2, ISO 27001/27002 12.5.4, 15.1.5