O'Reilly logo

Instant OSSEC Host-based Intrusion Detection by Brad Lhotsky

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

File integrity monitoring (Simple)

File integrity monitoring (FIM) checks files and directories for changes. A number of commercial and open source solutions are available. OSSEC includes FIM as a part of its comprehensive solution to host-based intrusion detection. We'll briefly explore this feature and how to configure it.

Getting ready

File integrity monitoring looks at those attributes of a file that may indicate that its content has changed. These attributes include size, modification and creation times, one-way hashes of the contents of the file itself, and ownership and permissions of the file. Any change to one or more of these attributes triggers an alert. With OSSEC, we can customize the checks at a system-wide, per-directory, or even ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required