We have Ossec running (flawlessly) on all of our SLES 9 and 10 servers along with Ossec agents on everything else. Ossec was the only useful tool we had in finding and eliminating a root-kit we were blessed with (thanks to an AXIS 207 camera) back in September 2008.
The difference between SLES and Redhat for our operation boiled down to having to replace Redhat because it proved to be wholly unreliable running our ERP system. We tried Microsoft Bob after that -- it didn't work either. Regarding ease of use: I got Ossec up and running with no problems. That means anyone can get it going. robm ________________________________________ From: [email protected] [[email protected]] On Behalf Of Bristol, Gary L. [[email protected]] Sent: Wednesday, February 04, 2009 8:42 AM To: [email protected] Subject: [ossec-list] Using OSSEC HIDS on SUSE I have another organization on Campus that would like to some sort of Host monitoring and they are running SUSE linux. I have recommended that they check out OSSEC HIDS as a product they can use to protect themselves against Access attacks, especially over SSH. Not knowing that much about SUSE Linux I wasn't sure what the differences there are between that and the Redhat Style variant. Does OSSEC HIDS support SUSE in the same way with ease of installation and Operation as it does for Redhat? thanks
