other security software with ossec
brian
I'm currently using a pre-configured server that uses csf, lfd and iptables. I plan on building my own server in the cloud.
It will only be a web server using apache. It will have php and mod_wsgi running. I know how to handle security for apache and other modules.
If there is examples floating around please point me to them.
Brian
Devon J. Greene
I would take a look at OSSIM (AlienVault) or Security Onion. I think OSSEC is nicely integrated with all three of these. From an information security standpoint, OSSEC is only going to cover HIDS/HIPS and FIM. It will not cover vulnerability management, asset management, NIDS/NIPS, IP reputation monitoring, etc…
From a Web Server perspective, I would still look to put a WAF (modsecurity) in place on top of OSSEC for Active-response capabilities (tar pitting/throttling, redirecting, etc…)
Devon J. Greene
Sr. Information Security Engineer
Dacotah Bank
--
---
You received this message because you are subscribed to the Google Groups "ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
ossec-list+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
CONFIDENTIALITY NOTICE: This electronic communication (email), including any attachments, is covered by the Electronic Communications Privacy Act, 18 U.S.C. §§2510 – 2521; is confidential; and may be legally privileged. If you are not the intended recipient, you are hereby notified that any retention, dissemination, distribution or copying of this electronic communication is strictly prohibited. Please reply to the sender that you received this message in error and then delete or otherwise destroy any and all copies of this electronic communication.