Reply
 
Thread Tools Display Modes
  #1  
Old 04-26-2012, 08:41 AM
rockworldmi rockworldmi is offline
Junior Member
 
Join Date: Nov 2011
Posts: 24
Thanks: 1
Thanked 0 Times in 0 Posts
Default OSSEC And fail2ban
Can any one provide info about how to go about installing OSSEC in warden jail? in PC-BSD 9. Should i use both fail2ban and ossec or just any one of it?...

Thanks.
Reply With Quote
  #2  
Old 04-26-2012, 10:23 PM
Nukama Nukama is offline
Member
 
Join Date: Jul 2010
Posts: 50
Thanks: 1
Thanked 2 Times in 2 Posts
Default
You can use active-response in OSSEC, if you have access to your firewall (not from inside jail, yet). OSSEC-host-deny would work in a jail.

You could use fail2ban on host for active-response, and OSSEC without active-response on your host and jails.

You could replace fail2ban with OSSEC and activate active-response on your host.

No need to install OSSEC on every jail, you could include logs from jails in your ossec.conf on your host system.

Would be great, if OSSEC is integrated into PCBSD.
Reply With Quote
  #3  
Old 04-27-2012, 04:37 AM
rockworldmi rockworldmi is offline
Junior Member
 
Join Date: Nov 2011
Posts: 24
Thanks: 1
Thanked 0 Times in 0 Posts
Default
I installed fail2ban on PC-BSD and both fail2ban and ossec-hids-local in jail...is it good?
Reply With Quote
Reply

Tags
ossec

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 07:29 PM.


Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.

Copyright 2005-2010, The PC-BSD Project. PC-BSD and the PC-BSD logo are registered trademarks of iXsystems.
All other content is freely available for sharing under the terms of the Creative Commons Attribution License.