37 matches found
OSSEC HIDS 4.1.0
OSSEC is a full platform to monitor and control your systems. It mixes together all the aspects of HIDS (host-based intrusion detection), log monitoring and SIM/SIEM together in a simple, powerful and open source solution. This is the source code release...
HIDBench: Benchmarking Large Language Models for Host-Based Intrusion Detection
Recent benchmark efforts have advanced the evaluation of large language models (LLMs) in cybersecurity, including tasks such as penetration testing and vulnerability identification. However, a critical cybersecurity task, namely intrusion detection from system logs, remains unexplored. In this work...
OSSEC HIDS 4.0.0
OSSEC is a full platform to monitor and control your systems. It mixes together all the aspects of HIDS (host-based intrusion detection), log monitoring and SIM/SIEM together in a simple, powerful and open source solution. This is the source code release...
EUVD-2008-2919
Malware in sbrugna...
EUVD-2007-5447
Malware in sbrugna...
EUVD-2008-3164
Malware in sbrugna...
EUVD-2009-2730
Malware in sbrugna...
EUVD-2011-1052
Malware in sbrugna...
From Alerts to Intelligence: a Novel LLM-Aided Framework for Host-Based Intrusion Detection
Host-based intrusion detection system (HIDS) is a key defense component to protect the organizations from advanced threats like Advanced Persistent Threats (APT). By analyzing the fine-grained logs with approaches like data provenance, HIDS has shown successes in capturing sophisticated attack traces...
Microsoft Edge Chakra Scripting Engine CVE-2019-1427 Remote Memory Corruption Vulnerability
Description: Microsoft Edge is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected: Microsoft ChakraCore Microsoft...
Thoughts on OSSEC Con 2019
Last week I attended my first OSSEC conference. I first blogged about OSSEC in 2007, and wrote other posts about it in the following years. OSSEC is a host-based intrusion detection and log analysis system with correlation and active response features. It is cross-platform, such that I can run it...
Open-Source Host-Based Intrusion Detection System: OSSEC
OSSEC is a platform to monitor and control your systems. It mixes together all the aspects of HIDS (host-based intrusion detection), log monitoring, and Security Incident Management (SIM)/Security Information and Event Management (SIEM) together in a simple, powerful, and open source solution. Key...
[SAMHAIN 3.0.9] File Integrity Checker / Host-Based Intrusion Detection System
The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain has been designed to monitor multiple hosts with potentially...
CA Host-Based Intrusion Prevention System 'XMLSecDB' ActiveX Control Code Execution Vulnerability
CA Host-Based Intrusion Prevention System (HIPS) is prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier:...
CA Host-Based Intrusion Prevention System 'XMLSecDB' ActiveX Control Code Execution Vulnerability
This host is installed with CA Host-Based Intrusion Prevention System (HIPS) and is prone to a remote code-execution vulnerability. OpenVAS Vulnerability Test $Id: gbcahipsactivexctrlcodeexecvuln.nasl 6517 2017-07-04 13:34:20Z cfischer $ CA Host-Based Intrusion Prevention System 'XMLSecDB' ActiveX...
Design/Logic Flaw
The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attacker...
CVE-2011-1036
The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attacker...
CVE-2009-2740
kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet...
[IVIZ-09-005] CA HIPS Remote Kernel Vulnerability
iViZ Security Advisory 09-005 19/08/2009 iViZ Techno Solutions Pvt. Ltd...