Whitelisting IPs in OSSEC

Posted on Mon 22 May 2017 in howto • Tagged with securityonion, ossec

Another tool in the arsenal of Security Onion is OSSEC, a "scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS)." OSSEC examines log and alert events, correlates them against pre-built (or custom) rules, and sends alerts as configured. When installed on the Security Onion server, OSSEC alerts are logged …
