This week’s TechMail is: Get started with the security tool OSSEC, a quick run-down of what OSSEC is and how to use it. It’s a pretty big “package”, so I couldn’t cover everything, just a single-server-use scenario which I think is what the majority of people would use it for, but it’s client/server architecture is quite neat. It definitely deserves more time to devote to, I think, just see how well the client/server stuff works. I don’t necessarily know if it would be a replacement for other tools.. it didn’t seem to be quite as comprehensive with the filesystem checks as AIDE, but I think it could definitely round out a good overall IDS.