I was wondering if anyone has installed OSSEC with ebox. I've used OSSEC before and I'd like to install it on the same box as ebox, but since it modifies the iptables in real-time, it might mess up ebox's firewall. I like ebox's firewall; it reminds me a lot of Cisco routers, but I like OSSEC's active protection and intrusion detection notifications too.
http://www.ossec.net/ Check it out if you don't know about it - it's pretty good, open source and free.
OSSEC also is working on a web interface in PHP; maybe the ebox team could integrate it into the ebox interface and add intrusion detection to the list of features with a small effort?
A cut from the front page:
OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response.
It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.
It runs limited in Windows.