OSSIM tiene por objetivo proporcionar una recopilación completa de las herramientas que trabajando juntas dan una vista detallada sobre todos y cada uno de los aspectos de sus redes / hosts / dispositivos de acceso físico / server / etc en lo que se refiere a vulnerabilidades ...
Ossim features the following software components:
- Arpwatch, used for mac anomaly detection.
- P0f, used for passive OS detection and os change analisys.
- Pads, used for service anomaly detection.
- Nessus, used for vulnerability assessment and for cross correlation (IDS vs Security Scanner).
- Snort, the IDS, also used for cross correlation with nessus.
- Spade, the statistical packet anomaly detection engine. Used to gain knowledge about attacks without signature.
- Tcptrack, used for session data information which can grant useful information for attack correlation.
- Ntop, which builds an impressive network information database from which we can get aberrant behaviour anomaly detection.
- Nagios. Being fed from the host asset database it monitors host and service availability information.
- Osiris, a great HIDS.
- OCS-NG, Cross-Platform inventory solution.
- OSSEC, integrity, rootkit, registry detection and more.
- Arpwatch, used for mac anomaly detection.
- P0f, used for passive OS detection and os change analisys.
- Pads, used for service anomaly detection.
- Nessus, used for vulnerability assessment and for cross correlation (IDS vs Security Scanner).
- Snort, the IDS, also used for cross correlation with nessus.
- Spade, the statistical packet anomaly detection engine. Used to gain knowledge about attacks without signature.
- Tcptrack, used for session data information which can grant useful information for attack correlation.
- Ntop, which builds an impressive network information database from which we can get aberrant behaviour anomaly detection.
- Nagios. Being fed from the host asset database it monitors host and service availability information.
- Osiris, a great HIDS.
- OCS-NG, Cross-Platform inventory solution.
- OSSEC, integrity, rootkit, registry detection and more.
- Have a look at the screenshots. They're a good reference on how ossim looks like.
- Get additional in-depth documentation from the documents section.
- Have a look at the provided VMWare image and try it out by yourself !
- Download the OSSIM Installer and get your own ossim running in under 10 minutes.
No hay comentarios:
Publicar un comentario