OSSEC v2.3 BETA available
OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.
New features - v2.3
- Added support for the Nginx web server.
- Added support for Suhosin (Hardened PHP).
- Added support for real-time integrity monitoring on Windows systems.
- Added support for monitoring the output of commands on Linux and Windows.
- Added rules for PHP Warnings/errors.
- Fixed the way we read log files on Windows to properly support rotation without locking the files.
- Added support for Windows environment variables in the "location" field of log monitoring.
- Added a check to avoid reading the same log file twice on incorrect configurations.
A list with all changes is available at: http://www.ossec.net/announcements/v2.3.txt