Based on what I am reading, I would *replace* AIDE, PSAD, Fail2Ban, rkhunter and chkrootkit with OSSEC. Is my understanding correct?
And then, if I am using UFW, I would have to update OSSEC to ban IPs through UFW instead of through iptables directly. So then all I would need is UFW, OSSEC, and ClamAV (for AV). Thoughts? -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
