OSSEC

Awesome Privacy ➔ Networking ➔ Intrusion Detection ➔ OSSEC

OSSEC is an Open Source host-based intrusion detection system, that performs log analysis, integrity checking, monitoring, rootkit detection, real-time alerting and active response.

Homepage: ossec.net
GitHub: github.com/ossec/ossec-hids
Web info: web-check.xyz/results/ossec.net

Open Source

OSSEC Source Code

Author

ossec

Description

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

#compliance#file-integrity-management#fim#hids#intrusion-detection#loganalyzer#nist800-53#ossec#pci-dss#policy-monitoring#security

Homepage

http://www.ossec.net

License

NOASSERTION

Created

17 Sept 13

Last Updated

29 Apr 24

Latest version

v_09

Primary Language

Size

20,499 KB

Stars

4,260

Forks

1,012

Watchers

4,260

Language Usage

Star History

Top Contributors

Recent Commits

Big Trucker (04 Mar 24)
Update SECURITY.md
Big Trucker (04 Mar 24)
Create SECURITY.md
Scott R. Shinn (09 Aug 23)
Merge pull request #1874 from ddpbsd/win_decoder_pcre pcre2 fix for windows1 decoders
Scott R. Shinn (09 Aug 23)
Merge pull request #1939 from g3rhard/g3rhard-patch-2 Little fix for AppArmor rules (added 5100 rule as parent)
Scott R. Shinn (08 Aug 23)
Merge pull request #1958 from ngarratt/aix7 Support AIX 7
Scott R. Shinn (08 Aug 23)
Merge branch 'master' into aix7
Scott R. Shinn (07 Aug 23)
Merge pull request #2064 from staskysel/fix-overwriting-agent-counter Fix overwriting an agent counter with sender counter during updating keys
Scott R. Shinn (07 Aug 23)
Merge pull request #2070 from pwntester/pwntester/add-codeql-workflow Add CodeQL workflow
Scott R. Shinn (07 Aug 23)
Merge pull request #2094 from XALM1337X/cve-2020-8445 Proposed fix for CVE-2020-8445
Scott R. Shinn (07 Aug 23)
Merge pull request #2092 from XALM1337X/cve-2020-8664 Proposed fix for CVE-2020-8446
logan (26 Jul 23)
Implementation for CVE-2020-8445 fix
logan (26 Jul 23)
added decleration and implementation for removing control characters via remove_control_characters()
logan (25 Jul 23)
proposed fix for CVE-2020-8664
Scott R. Shinn (01 Jun 23)
Merge pull request #2086 from ossec/v3.7.0 Merge pull request #2084 from ddpbsd/master
Scott R. Shinn (01 Jun 23)
Merge pull request #2084 from ddpbsd/master 1stmile
Dan Parriott (20 Mar 23)
Merge pull request #2062 from ddpbsd/issue2020 Fix issue #2020
Alvaro Muñoz (02 Dec 22)
Add CodeQL workflow
Stanislav Kysel (11 Oct 22)
Fix overwriting an agent counter with sender counter during updating keys
ddpbsd (07 Sept 22)
Fix issue #2020 /bin/diff returns /dev/full on fedora, so remove the /dev check
Scott R. Shinn (17 Jan 22)
Merge pull request #2035 from atomicturtle/v3.7.0 Updating changelog
Scott R. Shinn (17 Jan 22)
Updating changelog Signed-off-by: Scott R. Shinn <[email protected]>
Scott R. Shinn (15 Jan 22)
Merge pull request #2032 from atomicturtle/v3.7.0 Updating version fields
Scott R. Shinn (15 Jan 22)
Updating version fields Signed-off-by: Scott R. Shinn <[email protected]>
Scott R. Shinn (14 Jan 22)
Merge pull request #2029 from ChristianBeer/ar-nftables-script active response script for nftables
Christian Beer (26 Dec 21)
active response script for nftables Does the same as firewall-drop.sh and firewalld-drop.sh but for nftables (default in Debian 10+). Needs a bit more steps to setup but does a very good job. Documentation should be updated to contain maybe an example for the nftables configuration. Tested on Debian 11 with IPv4 and IPv6 adresses.
Scott R. Shinn (15 Oct 21)
Merge pull request #2017 from nfsec/patch-1 3 new rootkits found in the wild on github
Patryk Krawaczyński (15 Oct 21)
3 new rootkits found in the wild on github https://github.com/chokepoint/jynxkit https://github.com/chokepoint/Jynx2 https://github.com/unix-thrust/beurk
Scott R. Shinn (24 Jun 21)
Merge pull request #1952 from atomicturtle/issue1855 exclude on Overlay and aufs
Scott R. Shinn (24 Jun 21)
Merge pull request #1967 from tonoitp/tonoitp-cisco_asa-patch Update ssh_asa-fwsmconfig_diff
Dan Parriott (01 Jun 21)
Merge pull request #1979 from atomicturtle/issue1970 Closes issue #1970

OSSEC Website

Website

OSSEC - World's Most Widely Used Host Intrusion Detection System - HIDS

OSSEC is a multiplatform, open source and free Host Intrusion Detection System (HIDS). You can tailor OSSEC for your security needs through its extensive configuration options, adding custom alert rules and writing scripts.

Redirects

Does not redirect

Security Checks

All 66 security checks passed

Server Details

IP Address 192.95.31.85
Hostname www2.atomicorp.com
Location Montreal, Quebec, Canada, NA
ISP OVH Hosting Inc.
ASN AS16276

Associated Countries

Saftey Score

Website marked as safe

100%

Blacklist Check

www.ossec.net was found on 0 blacklists

ThreatLog
OpenPhish
PhishTank
Phishing.Database
PhishStats
URLhaus
RPiList Not Serious
AntiSocial Blacklist
PhishFeed
NABP Not Recommended Sites
Spam404
CRDF
Artists Against 419
CERT Polska
PetScams
Suspicious Hosting IP
Phishunt
CoinBlockerLists
MetaMask EthPhishing
EtherScamDB
EtherAddressLookup
ViriBack C2 Tracker
Bambenek Consulting
Badbitcoin
SecureReload Phishing List
Fake Website Buster
TweetFeed
CryptoScamDB
StopGunScams
ThreatFox
PhishFort

Website Preview

View full report at
web-check.xyz

OSSEC Reviews

More Intrusion Detection

Zeek

(Server/ VM/ Pi)
zeek.org

Zeek (formally Bro) Passively monitors network traffic and looks for suspicious activity.

Open Source zeek/zeek

View Zeek Report
Kismet

(Hardware)
kismetwireless.net

An 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.

Open Source kismetwireless/kismet

View Kismet Report
Snare

(Server)
snaresolutions.com/products/snare-central

SNARE (System iNtrusion Analysis and Reporting Environment) is a series of log collection agents that facilitate centralized analysis of audit log data. Logs from the OS are collected and audited. Full remote access, through a web interface easy to use manually, or by an automated process.

Not Open Source

View Snare Report
picosnitch

(Linux)
elesiuta.github.io/picosnitch

picosnitch helps protect your security and privacy by "snitching" on anything that connects to the internet, letting you know when, how much data was transferred, and to where. It uses BPF to monitor network traffic per application, and per parent to cover those that just call others. It also hashes every executable, and will complain if some mischievous program is giving it trouble.

Open Source elesiuta/picosnitch

View picosnitch Report

About the Data: OSSEC

API

You can access OSSEC's data programmatically via our API. Simply make a GET request to:

https://api.awesome-privacy.xyz/networking/intrusion-detection/ossec

The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.

About the Data

Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.

Share OSSEC

Help your friends compare Intrusion Detection, and pick privacy-respecting software and services.
Share OSSEC and Awesome Privacy with your network!

← Previous

Zeek

View Intrusion Detection (5)

Kismet

Awesome Privacy