
OSSEC    

Created by Daniel Cid, modified July 30, 2008 at 23:24:59 CET | This project has a total of 4 feature requests with 3 comments rated at 16 points | 1 unique implementer | Readiness: 0 features with at least three implementers rated at 0 points

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.


It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.

List of Implementers

8

Create Management UI    

OSSEC already has a user interface to monitor the alerts, but nothing yet to configure it.

The request is to modify the current web interface to be able to fully configure its main configuration file and decoders/rules.

Feature promoted at 8 points
Implementers:
Daniel Cid
Feature created 2008-04-21 by Daniel Cid

2008-04-22 16:45 Daniel Cid Please, detailed information regarding what improvements you are looking for.. :)

2008-04-21 18:09 Liliane I agree, an overall improvement of the current UI would be a nice ++...

2008-04-21 17:33 mxganse imho, better to improve the reporting interface for 1.5 before adding a feature to deal with configuration!

4

Windows standalone version    

OSSEC has the client/server model that works very well, but the server mode only runs on Unix. Plus, there is also a standalone version only for Unix/Linux systems.

It would be a great improvement to add a standalone (local) Windows version of the OSSEC HIDS.

Feature promoted at 4 points
Implementers:
Daniel Cid
Feature created 2008-04-22 by Daniel Cid
3

Ability to Acknowledge Alerts and baseline    

It would be great if there was the ability to acknowledge alerts per system through the Web gui or other so as to set a baseline for the systems you are monitoring and allow alert events to be tracked and closed off.

Feature promoted at 3 points
Implementers:
Daniel Cid
Feature created 2008-04-28 by roch
1

Domain Name for Agents    

Domain Name also can be given to the Ossec Agents.
Ossec Server should Accept and should be able to add Agents with Domain Name

Feature promoted at 1 point
No one has agreed to implement this feature.
Feature created 2008-06-17 by vinil