OSSEC And fail2ban

[rockworldmi]

Can any one provide info about how to go about installing OSSEC in warden jail? in PC-BSD 9. Should i use both fail2ban and ossec or just any one of it?...

Thanks.

[Nukama]

You can use active-response in OSSEC, if you have access to your firewall (not from inside jail, yet). OSSEC-host-deny would work in a jail.

You could use fail2ban on host for active-response, and OSSEC without active-response on your host and jails.

You could replace fail2ban with OSSEC and activate active-response on your host.

No need to install OSSEC on every jail, you could include logs from jails in your ossec.conf on your host system.

Would be great, if OSSEC is integrated into PCBSD.

[rockworldmi]

I installed fail2ban on PC-BSD and both fail2ban and ossec-hids-local in jail...is it good?