The security/ossec-hids port

ossec-hids-3.0.0p6 – host-based intrusion detection system (cvsweb github mirror)

Description

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection
System (HIDS). It has a powerful correlation and analysis engine, integrating
log analysis, file integrity checking, Windows registry monitoring, centralized
policy enforcement, rootkit detection, real-time alerting and active response.

WWW: https://www.ossec.net/

Maintainer

Paul Irofti

Library dependencies

Build dependencies

devel/gmake

Files

/etc/rc.d/ossec_hids
/usr/local/ossec-hids/.ssh/
/usr/local/ossec-hids/active-response/
/usr/local/ossec-hids/active-response/bin/
/usr/local/ossec-hids/active-response/bin/disable-account.sh
/usr/local/ossec-hids/active-response/bin/firewall-drop.sh
/usr/local/ossec-hids/active-response/bin/firewalld-drop.sh
/usr/local/ossec-hids/active-response/bin/host-deny.sh
/usr/local/ossec-hids/active-response/bin/ip-customblock.sh
/usr/local/ossec-hids/active-response/bin/ipfw.sh
/usr/local/ossec-hids/active-response/bin/ipfw_mac.sh
/usr/local/ossec-hids/active-response/bin/npf.sh
/usr/local/ossec-hids/active-response/bin/ossec-pagerduty.sh
/usr/local/ossec-hids/active-response/bin/ossec-slack.sh
/usr/local/ossec-hids/active-response/bin/ossec-tweeter.sh
/usr/local/ossec-hids/active-response/bin/pf.sh
/usr/local/ossec-hids/active-response/bin/restart-ossec.sh
/usr/local/ossec-hids/active-response/bin/route-null.sh
/usr/local/ossec-hids/agentless/
/usr/local/ossec-hids/agentless/main.exp
/usr/local/ossec-hids/agentless/register_host.sh
/usr/local/ossec-hids/agentless/ssh.exp
/usr/local/ossec-hids/agentless/ssh_asa-fwsmconfig_diff
/usr/local/ossec-hids/agentless/ssh_foundry_diff
/usr/local/ossec-hids/agentless/ssh_generic_diff
/usr/local/ossec-hids/agentless/ssh_integrity_check_bsd
/usr/local/ossec-hids/agentless/ssh_integrity_check_linux
/usr/local/ossec-hids/agentless/ssh_nopass.exp
/usr/local/ossec-hids/agentless/ssh_pixconfig_diff
/usr/local/ossec-hids/agentless/sshlogin.exp
/usr/local/ossec-hids/agentless/su.exp
/usr/local/ossec-hids/bin/
/usr/local/ossec-hids/bin/agent_control
/usr/local/ossec-hids/bin/clear_stats
/usr/local/ossec-hids/bin/list_agents
/usr/local/ossec-hids/bin/manage_agents
/usr/local/ossec-hids/bin/ossec-agentlessd
/usr/local/ossec-hids/bin/ossec-analysisd
/usr/local/ossec-hids/bin/ossec-authd
/usr/local/ossec-hids/bin/ossec-control
/usr/local/ossec-hids/bin/ossec-csyslogd
/usr/local/ossec-hids/bin/ossec-dbd
/usr/local/ossec-hids/bin/ossec-execd
/usr/local/ossec-hids/bin/ossec-logcollector
/usr/local/ossec-hids/bin/ossec-logtest
/usr/local/ossec-hids/bin/ossec-lua
/usr/local/ossec-hids/bin/ossec-luac
/usr/local/ossec-hids/bin/ossec-maild
/usr/local/ossec-hids/bin/ossec-makelists
/usr/local/ossec-hids/bin/ossec-monitord
/usr/local/ossec-hids/bin/ossec-regex
/usr/local/ossec-hids/bin/ossec-remoted
/usr/local/ossec-hids/bin/ossec-reportd
/usr/local/ossec-hids/bin/ossec-syscheckd
/usr/local/ossec-hids/bin/rootcheck_control
/usr/local/ossec-hids/bin/syscheck_control
/usr/local/ossec-hids/bin/syscheck_update
/usr/local/ossec-hids/bin/util.sh
/usr/local/ossec-hids/bin/verify-agent-conf
/usr/local/ossec-hids/etc/
/usr/local/ossec-hids/etc/client.keys
/usr/local/ossec-hids/etc/decoder.xml
/usr/local/ossec-hids/etc/internal_options.conf
/usr/local/ossec-hids/etc/local_internal_options.conf
/usr/local/ossec-hids/etc/localtime
/usr/local/ossec-hids/etc/ossec.conf
/usr/local/ossec-hids/etc/shared/
/usr/local/ossec-hids/etc/shared/cis_apache2224_rcl.txt
/usr/local/ossec-hids/etc/shared/cis_debian_linux_rcl.txt
/usr/local/ossec-hids/etc/shared/cis_mysql5-6_community_rcl.txt
/usr/local/ossec-hids/etc/shared/cis_mysql5-6_enterprise_rcl.txt
/usr/local/ossec-hids/etc/shared/cis_rhel5_linux_rcl.txt
/usr/local/ossec-hids/etc/shared/cis_rhel6_linux_rcl.txt
/usr/local/ossec-hids/etc/shared/cis_rhel7_linux_rcl.txt
/usr/local/ossec-hids/etc/shared/cis_rhel_linux_rcl.txt
/usr/local/ossec-hids/etc/shared/cis_sles11_linux_rcl.txt
/usr/local/ossec-hids/etc/shared/cis_sles12_linux_rcl.txt
/usr/local/ossec-hids/etc/shared/cis_win2012r2_domainL1_rcl.txt
/usr/local/ossec-hids/etc/shared/cis_win2012r2_domainL2_rcl.txt
/usr/local/ossec-hids/etc/shared/cis_win2012r2_memberL1_rcl.txt
/usr/local/ossec-hids/etc/shared/cis_win2012r2_memberL2_rcl.txt
/usr/local/ossec-hids/etc/shared/rootkit_files.txt
/usr/local/ossec-hids/etc/shared/rootkit_trojans.txt
/usr/local/ossec-hids/etc/shared/system_audit_rcl.txt
/usr/local/ossec-hids/etc/shared/system_audit_ssh.txt
/usr/local/ossec-hids/etc/shared/win_applications_rcl.txt
/usr/local/ossec-hids/etc/shared/win_audit_rcl.txt
/usr/local/ossec-hids/etc/shared/win_malware_rcl.txt
/usr/local/ossec-hids/logs/
/usr/local/ossec-hids/logs/active-responses.log
/usr/local/ossec-hids/logs/alerts/
/usr/local/ossec-hids/logs/archives/
/usr/local/ossec-hids/logs/firewall/
/usr/local/ossec-hids/logs/ossec.log
/usr/local/ossec-hids/lua/
/usr/local/ossec-hids/lua/compiled/
/usr/local/ossec-hids/lua/native/
/usr/local/ossec-hids/ossec-agent/
/usr/local/ossec-hids/ossec-agent/.ssh/
/usr/local/ossec-hids/ossec-agent/active-response/
/usr/local/ossec-hids/ossec-agent/active-response/bin/
/usr/local/ossec-hids/ossec-agent/active-response/bin/disable-account.sh
/usr/local/ossec-hids/ossec-agent/active-response/bin/firewall-drop.sh
/usr/local/ossec-hids/ossec-agent/active-response/bin/firewalld-drop.sh
/usr/local/ossec-hids/ossec-agent/active-response/bin/host-deny.sh
/usr/local/ossec-hids/ossec-agent/active-response/bin/ip-customblock.sh
/usr/local/ossec-hids/ossec-agent/active-response/bin/ipfw.sh
/usr/local/ossec-hids/ossec-agent/active-response/bin/ipfw_mac.sh
/usr/local/ossec-hids/ossec-agent/active-response/bin/npf.sh
/usr/local/ossec-hids/ossec-agent/active-response/bin/ossec-pagerduty.sh
/usr/local/ossec-hids/ossec-agent/active-response/bin/ossec-slack.sh
/usr/local/ossec-hids/ossec-agent/active-response/bin/ossec-tweeter.sh
/usr/local/ossec-hids/ossec-agent/active-response/bin/pf.sh
/usr/local/ossec-hids/ossec-agent/active-response/bin/restart-ossec.sh
/usr/local/ossec-hids/ossec-agent/active-response/bin/route-null.sh
/usr/local/ossec-hids/ossec-agent/agentless/
/usr/local/ossec-hids/ossec-agent/agentless/main.exp
/usr/local/ossec-hids/ossec-agent/agentless/register_host.sh
/usr/local/ossec-hids/ossec-agent/agentless/ssh.exp
/usr/local/ossec-hids/ossec-agent/agentless/ssh_asa-fwsmconfig_diff
/usr/local/ossec-hids/ossec-agent/agentless/ssh_foundry_diff
/usr/local/ossec-hids/ossec-agent/agentless/ssh_generic_diff
/usr/local/ossec-hids/ossec-agent/agentless/ssh_integrity_check_bsd
/usr/local/ossec-hids/ossec-agent/agentless/ssh_integrity_check_linux
/usr/local/ossec-hids/ossec-agent/agentless/ssh_nopass.exp
/usr/local/ossec-hids/ossec-agent/agentless/ssh_pixconfig_diff
/usr/local/ossec-hids/ossec-agent/agentless/sshlogin.exp
/usr/local/ossec-hids/ossec-agent/agentless/su.exp
/usr/local/ossec-hids/ossec-agent/bin/
/usr/local/ossec-hids/ossec-agent/bin/agent-auth
/usr/local/ossec-hids/ossec-agent/bin/manage_agents
/usr/local/ossec-hids/ossec-agent/bin/ossec-agentd
/usr/local/ossec-hids/ossec-agent/bin/ossec-control
/usr/local/ossec-hids/ossec-agent/bin/ossec-execd
/usr/local/ossec-hids/ossec-agent/bin/ossec-lua
/usr/local/ossec-hids/ossec-agent/bin/ossec-luac
/usr/local/ossec-hids/ossec-agent/bin/ossec-syscheckd
/usr/local/ossec-hids/ossec-agent/bin/util.sh
/usr/local/ossec-hids/ossec-agent/etc/
/usr/local/ossec-hids/ossec-agent/etc/client.keys
/usr/local/ossec-hids/ossec-agent/etc/internal_options.conf
/usr/local/ossec-hids/ossec-agent/etc/local_internal_options.conf
/usr/local/ossec-hids/ossec-agent/etc/localtime
/usr/local/ossec-hids/ossec-agent/etc/ossec-init.conf
/usr/local/ossec-hids/ossec-agent/etc/ossec.conf
/usr/local/ossec-hids/ossec-agent/etc/shared/
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_apache2224_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_debian_linux_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_mysql5-6_community_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_mysql5-6_enterprise_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_rhel5_linux_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_rhel6_linux_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_rhel7_linux_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_rhel_linux_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_sles11_linux_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_sles12_linux_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_win2012r2_domainL1_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_win2012r2_domainL2_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_win2012r2_memberL1_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/cis_win2012r2_memberL2_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/rootkit_files.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/rootkit_trojans.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/system_audit_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/system_audit_ssh.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/win_applications_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/win_audit_rcl.txt
/usr/local/ossec-hids/ossec-agent/etc/shared/win_malware_rcl.txt
/usr/local/ossec-hids/ossec-agent/logs/
/usr/local/ossec-hids/ossec-agent/logs/ossec.log
/usr/local/ossec-hids/ossec-agent/lua/
/usr/local/ossec-hids/ossec-agent/lua/compiled/
/usr/local/ossec-hids/ossec-agent/lua/native/
/usr/local/ossec-hids/ossec-agent/queue/
/usr/local/ossec-hids/ossec-agent/queue/alerts/
/usr/local/ossec-hids/ossec-agent/queue/diff/
/usr/local/ossec-hids/ossec-agent/queue/ossec/
/usr/local/ossec-hids/ossec-agent/queue/rids/
/usr/local/ossec-hids/ossec-agent/queue/syscheck/
/usr/local/ossec-hids/ossec-agent/tmp/
/usr/local/ossec-hids/ossec-agent/var/
/usr/local/ossec-hids/ossec-agent/var/run/
/usr/local/ossec-hids/ossec-agent/var/start-script-lock/
/usr/local/ossec-hids/queue/
/usr/local/ossec-hids/queue/agent-info/
/usr/local/ossec-hids/queue/agentless/
/usr/local/ossec-hids/queue/alerts/
/usr/local/ossec-hids/queue/diff/
/usr/local/ossec-hids/queue/fts/
/usr/local/ossec-hids/queue/ossec/
/usr/local/ossec-hids/queue/rids/
/usr/local/ossec-hids/queue/rootcheck/
/usr/local/ossec-hids/queue/syscheck/
/usr/local/ossec-hids/rules/apache_rules.xml
/usr/local/ossec-hids/rules/apparmor_rules.xml
/usr/local/ossec-hids/rules/arpwatch_rules.xml
/usr/local/ossec-hids/rules/asterisk_rules.xml
/usr/local/ossec-hids/rules/attack_rules.xml
/usr/local/ossec-hids/rules/cimserver_rules.xml
/usr/local/ossec-hids/rules/cisco-ios_rules.xml
/usr/local/ossec-hids/rules/clam_av_rules.xml
/usr/local/ossec-hids/rules/courier_rules.xml
/usr/local/ossec-hids/rules/dovecot_rules.xml
/usr/local/ossec-hids/rules/dropbear_rules.xml
/usr/local/ossec-hids/rules/exim_rules.xml
/usr/local/ossec-hids/rules/firewall_rules.xml
/usr/local/ossec-hids/rules/firewalld_rules.xml
/usr/local/ossec-hids/rules/ftpd_rules.xml
/usr/local/ossec-hids/rules/hordeimp_rules.xml
/usr/local/ossec-hids/rules/ids_rules.xml
/usr/local/ossec-hids/rules/imapd_rules.xml
/usr/local/ossec-hids/rules/local_rules.xml
/usr/local/ossec-hids/rules/mailscanner_rules.xml
/usr/local/ossec-hids/rules/mcafee_av_rules.xml
/usr/local/ossec-hids/rules/ms-exchange_rules.xml
/usr/local/ossec-hids/rules/ms-se_rules.xml
/usr/local/ossec-hids/rules/ms_dhcp_rules.xml
/usr/local/ossec-hids/rules/ms_ftpd_rules.xml
/usr/local/ossec-hids/rules/msauth_rules.xml
/usr/local/ossec-hids/rules/mysql_rules.xml
/usr/local/ossec-hids/rules/named_rules.xml
/usr/local/ossec-hids/rules/netscreenfw_rules.xml
/usr/local/ossec-hids/rules/nginx_rules.xml
/usr/local/ossec-hids/rules/nsd_rules.xml
/usr/local/ossec-hids/rules/openbsd-dhcpd_rules.xml
/usr/local/ossec-hids/rules/openbsd_rules.xml
/usr/local/ossec-hids/rules/opensmtpd_rules.xml
/usr/local/ossec-hids/rules/ossec_rules.xml
/usr/local/ossec-hids/rules/owncloud_rules.xml
/usr/local/ossec-hids/rules/pam_rules.xml
/usr/local/ossec-hids/rules/php_rules.xml
/usr/local/ossec-hids/rules/pix_rules.xml
/usr/local/ossec-hids/rules/policy_rules.xml
/usr/local/ossec-hids/rules/postfix_rules.xml
/usr/local/ossec-hids/rules/postgresql_rules.xml
/usr/local/ossec-hids/rules/proftpd_rules.xml
/usr/local/ossec-hids/rules/proxmox-ve_rules.xml
/usr/local/ossec-hids/rules/psad_rules.xml
/usr/local/ossec-hids/rules/pure-ftpd_rules.xml
/usr/local/ossec-hids/rules/racoon_rules.xml
/usr/local/ossec-hids/rules/roundcube_rules.xml
/usr/local/ossec-hids/rules/rules_config.xml
/usr/local/ossec-hids/rules/sendmail_rules.xml
/usr/local/ossec-hids/rules/smbd_rules.xml
/usr/local/ossec-hids/rules/solaris_bsm_rules.xml
/usr/local/ossec-hids/rules/sonicwall_rules.xml
/usr/local/ossec-hids/rules/spamd_rules.xml
/usr/local/ossec-hids/rules/squid_rules.xml
/usr/local/ossec-hids/rules/sshd_rules.xml
/usr/local/ossec-hids/rules/symantec-av_rules.xml
/usr/local/ossec-hids/rules/symantec-ws_rules.xml
/usr/local/ossec-hids/rules/syslog_rules.xml
/usr/local/ossec-hids/rules/sysmon_rules.xml
/usr/local/ossec-hids/rules/systemd_rules.xml
/usr/local/ossec-hids/rules/telnetd_rules.xml
/usr/local/ossec-hids/rules/trend-osce_rules.xml
/usr/local/ossec-hids/rules/unbound_rules.xml
/usr/local/ossec-hids/rules/vmpop3d_rules.xml
/usr/local/ossec-hids/rules/vmware_rules.xml
/usr/local/ossec-hids/rules/vpn_concentrator_rules.xml
/usr/local/ossec-hids/rules/vpopmail_rules.xml
/usr/local/ossec-hids/rules/vsftpd_rules.xml
/usr/local/ossec-hids/rules/web_appsec_rules.xml
/usr/local/ossec-hids/rules/web_rules.xml
/usr/local/ossec-hids/rules/wordpress_rules.xml
/usr/local/ossec-hids/rules/zeus_rules.xml
/usr/local/ossec-hids/stats/
/usr/local/ossec-hids/tmp/
/usr/local/ossec-hids/var/
/usr/local/ossec-hids/var/run/
/usr/local/ossec-hids/var/start-script-lock/
@newgroup _ossec:827
@newuser _ossec:827:_ossec::OSSEC Account:/nonexistent:/sbin/nologin
@newuser _ossecm:828:_ossec::OSSEC Mail Account:/nonexistent:/sbin/nologin
@newuser _ossecr:829:_ossec::OSSEC Rem Account:/nonexistent:/sbin/nologin

The security/ossec-hids port

ossec-hids-3.0.0p6 – host-based intrusion detection system (cvsweb github mirror)

Description

Maintainer

Categories

Library dependencies

Build dependencies

Files