Hi bil, I assume you're referring to Security Onion?
When you run Setup, you can choose Advanced Setup and then choose Server-only. This will give you OSSEC with no NIDS sniffing processes. You can then view OSSEC alerts in Sguil/Squert/ELSA and OSSEC archive logs in ELSA. If you have further questions about Security Onion, please feel free to use our mailing list: https://code.google.com/p/security-onion/wiki/MailingLists Thanks, Doug On Thu, Jun 20, 2013 at 3:56 PM, bil <h...@cs.unc.edu> wrote: > For the time being, I'd like to focus on the HIDS side, is there an install > that just does that, or better, a simple way to turn off the NIDS parts of > SO? > tia, > bil > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/groups/opt_out. > > -- Doug Burks http://securityonion.blogspot.com -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.