OSSIM Fast Guide - AlienVault
OSSIM 2004/02/07

  . Real Secure
  . Spade
  . Any data from NTOP
  . Firewall-1
  . Iptables
  . Apache
  . IIS
  . Cisco Routers
  . Unix Servers

- Normalization is performed with a configurable parser using XML files. Adding new agents can be accomplished in a matter of hours.
- Information from each detector is normally sent to the nearest sensor using native delivery capacity. OSSIM allows delivery using the following methods:
  . SNMP
  . Syslog
  . Raw sockets
  . SQL
  . OPSEC
- Aggregation between sensor and server is executed using OSSIM’s proprietary protocol.
- If encrypted communications and authentication are required, they can be established using tunnels at the application level, typically ssh or ssl.

Fast Guide 3 http://www.ossim.net
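The XML-driven normalization described above, shown as an added example (not OSSIM's own code or rule format): rules for two of the listed detectors, Iptables and Apache, are loaded from XML and applied to raw log lines to produce events in one common schema. The `<plugin>` layout, the field names and the log lines are assumptions constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Hypothetical rule file, constructed for this example (not OSSIM's real schema).
# Each <plugin> describes one detector; named regex groups become event fields.
RULES_XML = r"""
<plugins>
  <plugin name="iptables" category="firewall"><![CDATA[SRC=(?P<src_ip>\S+) DST=(?P<dst_ip>\S+) .*?PROTO=(?P<protocol>\S+)(?: SPT=(?P<src_port>\d+) DPT=(?P<dst_port>\d+))?]]></plugin>
  <plugin name="apache" category="webserver"><![CDATA[^(?P<src_ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<url>\S+)[^"]*" (?P<status>\d{3})]]></plugin>
</plugins>
"""

# Constructed log lines using documentation address ranges.
SAMPLE_LINES = [
    'Feb  7 10:12:01 fw1 kernel: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 PROTO=TCP SPT=40112 DPT=22 SYN',
    'Feb  7 10:12:09 fw1 kernel: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=84 PROTO=ICMP TYPE=8 CODE=0',
    '203.0.113.7 - - [07/Feb/2004:10:15:32 +0100] "GET /index.html HTTP/1.0" 404 209',
    'Feb  7 10:16:00 host1 sshd[311]: unrelated message',
]


def load_plugins(xml_text):
    """Compile every <plugin> rule into a (name, category, regex) tuple."""
    plugins = []
    for node in ET.fromstring(xml_text).iter("plugin"):
        plugins.append((node.get("name"), node.get("category"),
                        re.compile(node.text.strip())))
    return plugins


def normalize(line, plugins):
    """Return a common-format event dict, or None if no rule matches."""
    for name, category, regex in plugins:
        match = regex.search(line)
        if match:
            event = {"plugin": name, "category": category}
            # Skip optional groups that did not match (ICMP carries no ports).
            event.update({k: v for k, v in match.groupdict().items()
                          if v is not None})
            return event
    return None  # callers should count unparsed lines, not drop them silently


if __name__ == "__main__":
    rules = load_plugins(RULES_XML)
    for raw in SAMPLE_LINES:
        print(normalize(raw, rules))
```

Supporting a new detector in this model means adding one `<plugin>` element; lines that return `None` are worth tracking, since a gap in parser coverage is also a gap in detection.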