Questions tagged [hids]

Questions about Host Based Intrusion Detection Systems

For instance, OSSEC, Tripwire, and similar systems.

24 questions
1 vote, 1 answer

Escaping Virtualbox type intrusion detection?

Is there a way to run intrusion detection for if anything tries to escape from Virtualbox? Thank you.
Smiith
0 votes, 0 answers

How to analyze/monitor OSSEC logs on Ubuntu

I'm using OSSEC server to monitor machines with OSSEC agents, which monitor this login via SSH, file creation, etc. I have configured OSSEC to send an email when it detects a problem, but this control mode is very bad for data control and…
Tom
0 votes, 1 answer

Monitor logs managed by Wazuh and OSSEC

Today I use OSSEC as HIDS, but reading Wazuh's site it seems to be more modern and has more resources. I saw that it has an Elastic Stack integration, something I'm not interested in due to using Java and using a lot of server resources. Does…
Tom
0 votes, 0 answers

Which tests can I perform with OSSEC?

I would like to perform a few basic tests on a few of OSSEC's capabilities and be able to document them. I have no experience with HIDS and I am not really sure where I could start or which tests with OSSEC I can perform and document. My question…
0 votes, 1 answer

File Integrity Monitoring via Syslog-ng or agentless - is it possible?

I am involved in a project which deals with PCI-DSS compliance. Particularly, there is a requirement to implement FIM (File Integrity Monitoring) for critical devices. Within these devices, there are unix-based firewall and routers, with specific…
Alessandro
0 votes, 1 answer

Does Wazuh have capabilities to handle virus/malware/rootkit? If yes, how?

This question is similar to this one: "OSSEC capabilities for handle a virus that already spread into the deepest system". But it didn't roughly answer how I could do that exactly. I have tried the Wazuh app for maybe 5 months in a row; as far as I know,…
gagantous
0 votes, 2 answers

Can NIDS alone protect the servers in our network, or do we need a HIDS application as well?

I have a problem with some institute server. The scenario is as below. There is an institute (Government/Corporate/Industry) that has its own dedicated server. But there are no other security services or firewalls that were implemented on these…
gagantous
0 votes, 1 answer

Do I need OSSEC for my personal home computer?

Do I really need a HIDS like OSSEC, or will using good passwords, using a firewall, an antivirus/antimalware program, and a rootkit scanner do the job well enough?
0000
-1 votes, 1 answer

Host Based IDS with syscall monitoring

Hey guys, I am a newbie in security stuff and now I am working on my final project about host-based IDS. I have some questions for you guys. Can a rootkit be classified as an intrusion, or is it malware, or both of them? What's the difference between…