OSSEC HIDS - Open Source Host Intrusion Detection System

Discussion in 'other anti-malware software' started by Jomsviking, Nov 28, 2007.

Thread Status:
Not open for further replies.
  1. Jomsviking

    Jomsviking Registered Member

    Joined:
    Apr 16, 2007
    Posts:
    55
    For HIPS fans here at Wilders:

    http://www.ossec.net/main/

    "OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.

    It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows."

    I have not tested it myself, but I thought some people here might be interested.

    Although the software runs on Windows clients (not servers), a *nix server running OSSEC is needed to run event analysis. So for those having these kinds of configurations (Windows and/or *nix clients behind *nix server(s)), this could be a useful tool.
     
  2. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    I don't think this is Vista compatible. Installed on Vista Business and didn't start up properly.
     
  3. Jomsviking

    Jomsviking Registered Member

    Joined:
    Apr 16, 2007
    Posts:
    55