Do I need ossec for my personal home computer?

Question

Do I really need a HIDS like ossec, or will using good passwords, using a firewall, an antivirus/antimalware program, and a rootkit scanner do the job well enough?

Depends on your needs. Do you have sensitive information on your home computer? — Mark Buffalo, Jan 23 '16 at 17:13
Ah, so for educational reasons? That is a perfectly valid reason to have these. However, these only protect against *known* threats. If you want to go deeper, you'll have to learn other things. That might be too broad to go into here. — Mark Buffalo, Jan 23 '16 at 17:21
Unfortunately, product recommendations are considered off-topic on this site. — Mark Buffalo, Jan 23 '16 at 17:31
It is very hard for us to recommend technical solutions unless we understand your security needs. Adding more context to your question would be helpful. — Neil Smithline, Jan 23 '16 at 17:46
You also need to be specific about OS. An answer for Windows would likely look very different to an answer for Linux or Mac. — Julian Knight, Jan 23 '16 at 18:10

score 1 · Answer 1 · answered Jan 23 '16 at 18:16

HIDS is very much overkill for a home PC unless you are doing something super-sensitive. More importantly though, HIDS is reactive and to react, you have to monitor it. So the HIDS app is only a part of the solution. You need event reporting and collation and you need both eyes on the output and a way to do something if you get an event. I've seen far too many security solutions implemented that are then ignored or only checked occasionally.

In reality, the best additional security you can put on a home PC or any PC really is something that only allows whitelisted applications to run. This massively reduces the attack surface of your PC and greatly increases the complexity of an attack.

Do I need ossec for my personal home computer?

1 Answers1