OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
C Shell Perl Makefile C++ NSIS Other
Latest commit 6bd858e Jan 5, 2017 @ddpbsd ddpbsd committed on GitHub Merge pull request #1021 from friedkiwi/master
Fix Windows build

README.md

OSSEC v2.8 Copyright (C) 2014 Trend Micro Inc.

Information about OSSEC

OSSEC is a full platform to monitor and control your systems. It mixes together all the aspects of HIDS (host-based intrusion detection), log monitoring and SIM/SIEM together (security information and event management) in a simple, powerful and open source solution.

Visit our website for the latest information. ossec.github.io

Current Releases

The current stable releases are available on the OSSEC website.

Development

The development version is hosted on GitHub and just a simple git clone away.

Build Status Coverity Scan Build Status

Quick install

$ (ossec_version="2.8.2" ; ossec_checksum="a0f403270f388fbc6a0a4fd46791b1371f5597ec" ; cd /tmp/ && wget https://github.com/ossec/ossec-hids/archive/${ossec_version}.tar.gz && mv ${ossec_version}.tar.gz ossec-hids-${ossec_version}.tar.gz && checksum=$(sha1sum ossec-hids-${ossec_version}.tar.gz | cut -d" " -f1); if [ $checksum == $ossec_checksum ]; then tar xfz ossec-hids-${ossec_version}.tar.gz && cd ossec-hids-${ossec_version} && sudo ./install.sh ; else "Wrong checksum. Download again or check if file has been tampered with."; fi)

Then follow the prompts. You should still read the documentation here.

Credits and Thanks

  • OSSEC comes with a modified version of zlib and a small part of openssl (sha1 and blowfish libraries)
  • This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).
  • This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)
  • This product includes software developed by the zlib project (Jean-loup Gailly and Mark Adler).
  • This product includes software developed by the cJSON project (Dave Gamble)