On Tuesday, September 10, 2013 5:33:22 PM UTC-4, Janelle wrote: > > Use a tool built for that and tie it in with OSSEC alerts. > OCS-NG > > ~J >
That's a good suggestion, I'll take a look at it and see how easy it would be to integrate into our environment. More academically speaking, since OSSEC is a hostbased intrusion detection system, part of its functionality is based around the concept of change detection. I see software/hardware/config change detection and reporting as being within the realm of HIDS at a high level. We already have generic config change detection within OSSEC in the form of syscheck... should software/hardware change detection be something that OSSEC should natively support? Weezel -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
