Source Downloads

Latest development snapshots
Web UI
Latest Stable Release (2.8.3)  
Server/Agent Unix ossec-hids-2.8.3.tar.gzRelease Notes Unix Checksum  
Agent Windows ossec-agent-win32-2.8.3.exe Win Checksum  
Virtual Appliance ossec-vm-2.8.2.ovaREADME VA Checksum  

RPMs for RHEL, CentOS, Fedora and others

Available in the Atomicorp repository.

el5 i386
el5 x86_64
el6 i386
el6 x86_64
el5 i386
el5 x86_64
el6 i386
el6 x86_64
All 6 - 20

RPM Installation

To install with yum do the following:

# wget -q -O – | sh
# yum install ossec-hids ossec-hids-server (or ossec-hids-client for the agent)

DEBs for Debian and Ubuntu

Available in the Wazuh repository.

OSSEC Server Debian, Ubuntu
OSSEC Agent Debian, Ubuntu

DEB Installation

To install with apt-get do the following:

Step 1. Install the apt-get repository key:

# apt-key adv --fetch-keys

Step 2. Add the repository for Debian (available distributions are Sid, Jessie and Wheezy):

# echo ‘deb wheezy main’ >> /etc/apt/sources.list

Or add the repository for Ubuntu (available distributions are Precise, Trusty and Utopic):

# echo ‘deb precise main’ >> /etc/apt/sources.list

Step 3. Update the repository:

# apt-get update

Step 4. Install OSSEC HIDS server/manager:

# apt-get install ossec-hids

Or install OSSEC HIDS agent:

# apt-get install ossec-hids-agent

PGP key

Before you install any package from our project, we recommend that you verify it using our PGP key. Follow these two steps if you are not used to using gpg. You first need to import our public key:

ossec-test# wget
ossec-test# gpg –import OSSEC-PGP-KEY.asc

And then verify each file against its signature:

ossec-test# gpg –verify file.sig file

You should get the following result:

gpg: Signature made Tue 19 Jul 2011 03:13:58 PM BRT using RSA key ID A3901351
gpg: Good signature from “Daniel B. Cid ”
Primary key fingerprint: 6F11 9E06 487A AF17 C84C E48A 456B 17CF A390 1351

Note that the key expiration date was changed lately. If you get an warning saying “gpg: Note: This key has expired!”, make sure to update the key and run the “import” command again (as specified above).

Contribute back!

If you find ossec useful and would like to contribute back to the community, please contact us. We have a lot of work to do and any help is appreciated.