OSSIM

Developer(s): AlienVault
Stable release: 3.0.0 / September 6, 2011
Operating system: Linux
Type: Security / IDS
License: GNU General Public License
Website: www.alienvault.com

OSSIM (Open Source Security Information Management) is a collection of tools designed to aid network administrators in computer security, intrusion detection and prevention.

The project's goal is to provide a comprehensive collection of tools to grant an administrator a view of all the security-related aspects of their system. OSSIM also provides a strong correlation engine, with detailed low-, mid- and high-level visualization interfaces as well as reporting and incident management tools. The ability to act as an intrusion-prevention system based on correlated information from virtually any source results in a useful security tool. All this information can be filtered by network or sensor in order to provide just the information needed by specific users, allowing for a fine-grained multi-user security environment.

Components

OSSIM features the following software components:

  • Arpwatch, used for MAC address anomaly detection.
  • P0f, used for passive OS detection and OS change analysis.
  • Pads, used for service anomaly detection.
  • Nessus, used for vulnerability assessment and for cross-correlation (intrusion detection system (IDS) vs. vulnerability scanner).
  • Snort, used as an intrusion detection system (IDS), and also used for cross-correlation with Nessus.
  • Spade, the statistical packet anomaly detection engine, used to gain knowledge about attacks without signatures.
  • Tcptrack, used for session data information which can grant useful information for attack correlation.
  • Ntop, which builds an impressive network information database for aberrant behaviour anomaly detection.
  • Nagios, used to monitor host and service availability information based on a host asset database.
  • Osiris, a host-based intrusion detection system (HIDS).
  • Snare, a log collector for Windows systems.
  • OSSEC, a host-based IDS.
  • OSSIM also includes self-developed tools, the most important being a generic correlation engine with logical directive support and log integration with plugins.

Wikimedia Foundation. 2010.
