3WoO Day 7.1: The OSSEC-O-Lantern

Halloween is a special time of year. It’s that one day where we confuse our children by telling them to not only take candy from strangers, but to go out and beg for it while dressed in an overpriced polyester superhero costume. It’s also the time of year for pumpkin carving.

This is something I have wanted to do for a while now. Enter the OSSEC-O-Lantern. This is my first attempt at carving something other than a predictable toothy smile into a pumpkin. I thought the OSSEC logo would be perfect, so I gave it a shot.

This is what the pumpkin looks like before it is lit. For the center “eye,” I cut up a lens from a cheap pair of kids’ sunglasses.

And here is what it looks like lit up. Notice my feeble attempt at getting the OSSEC logo shading right.

As they say in the cartoons, that’s all folks!

Posted in Log Analysis

One comment on “3WoO Day 7.1: The OSSEC-O-Lantern”
  1. Andy says:

    Hi,
    Sorry to half hijack this thread, but I am unable to find a contact page. I thought you might be interested in this GPL project we have just released…

    marketing
    We have just released some software and thought it might interest your readers for an article, blogpost or a mention?

    I have experimented with a few OSSEC web interfaces, and most are list driven (much like the official OSSEC WUI) or appear to be incomplete.

    Because of this we developed AnaLogi (Analytical Log Interface) to spot trends in graphs from hosts/levels/ruleID breakdowns and then let the user drill down to the specific alerts….
    http://cloud.github.com/downloads/ECSC/analogi/u%20AnaLogiOverview%201_01%20n.png
    http://cloud.github.com/downloads/ECSC/analogi/u%20AnaLogiDetail%201_01%20n.png

    ….the project is GPL and now on github….
    https://github.com/ECSC/analogi/downloads

    ….and has been published to the main OSSEC mailing list….
    https://groups.google.com/forum/?fromgroups#!topic/ossec-list/RmQX8LPDFVQ

    This is built upon OSSEC 2.6 and requires no changes (other than the existing official OSSEC walkthrough for MySQL).

    Hopefully you will find this as useful as we do! We would love for others to try it and would love to hear some feedback from the community.

    If you believe this may be of interest to your security minded readers and followers please feel free to mention it. If not, I hope it helps just you.
    /marketing

    Any questions, or if you would like to get in touch regarding this project drop me a line at andrew@ecsc.co.uk

    Kind Regards
    Andy
