Using and Extending OSSEC

OSSEC (http://www.ossec.net) is a powerful, open source, client-server modeled host based intrustion detection system.  The attached slides were part of my presentation to the Educause Security Professionals conference in April 2010 as well as my presentation at the Infragard Philadelphia day of training in August 2010.