> Hello,
>
> how important is it to install the OSSEC server on a hardened/trusted
> system?

How trustworthy do you want your logs, alerts and active response to be? IDS and Log Analysis systems are generally considered to be high security environments which require a high degree of integrity.

> Is there somewhere a HowTo prepare/install a secured Linux for OSSEC
> available?
> Or would you rather recommend to install OSSEC on BSD?

When hardening Linux, I prefer to do a very minimal install followed by hardening to CIS Level I or Level II standards, depending on the security needs of the server. The CIS benchmark also contains Bastille, which can be run independently.