OSSEC Downloads

Source Downloads

Latest Stable Release (3.3.0) Checksum Signature
Server/Agent Unix ossec-hids-3.3.0.tar.gzRelease Notes GPG Unix
Agent Windows ossec-agent-win32-3.1.0.exe GPG Windows
Chocolatey Package ossec-client.3.2.0.nupkg
Virtual Appliance ossec-vm-2.9.3.ovaREADME VA Checksum
Docker Container atomicorp/ossec-docker
v3.3.0 Download Checksum Signature
Unix Server/Agent ossec-hids-3.3.0.tar.gz SHA256

34fac7664548ddfeea96cb0567df4eda7515cc107625eb25315a5c3522954197

GPG-unix-v3
Windows Agent ossec-agent-win32-3.3.0.exe SHA256 e60a87fee3fbcba6ad6eb6abcb052eb2f6c79766e468f50c5615e6cc4a92b600 GPG-windows-v3

RHEL, CentOS, Fedora and others

Available in the Atomicorp repository.

Ubuntu, and Debian

Yum/DNF Automated Installation on Centos, Redhat, Amazon Linux or Fedora

Automated installer:

# Add Yum repo configuration
wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo bash

# Server
sudo yum install ossec-hids-server

# Agent
sudo yum install ossec-hids-agent

Manual Yum/DNF installation on Centos, Redhat, Amazon Linux or Fedora

  1. Download the atomic-release file for your distribution
  2. Install the atomic-release package (Note: This includes the OSSEC GPG key)
sudo rpm -Uvh atomic-release*rpm
  1. Install ossec package
# Server
sudo yum install ossec-hids server

# Agent
sudo yum install ossec-hids-agent

APT Automated Installation on Ubuntu and Debian

# Add Apt sources.lst
wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo bash

# Update apt data
sudo apt-get update

# Server
sudo apt-get install ossec-hids-server

# Agent
sudo apt-get install ossec-hids-agent

Manual APT Installation on Ubuntu and Debian

  1. Add the GPG key
wget -q -O - https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt  | sudo apt-key add -
  1. Add the repo configuration to sources.list
source /etc/lsb-release

# Ubuntu
echo "deb https://updates.atomicorp.com/channels/atomic/ubuntu $DISTRIB_CODENAME main" >>  /etc/apt/sources.list.d/atomic.list

# Debian
echo "deb https://updates.atomicorp.com/channels/atomic/debian $DISTRIB_CODENAME main" >>  /etc/apt/sources.list.d/atomic.list
  1. Install Agent or Server
# Update apt data
sudo apt-get update

# Server
sudo apt-get install ossec-hids-server

# Agent
sudo apt-get install ossec-hids-agent

GPG / PGP key

Key Manual Download Link
Package Signing Key https://www.atomicorp.com/RPM-GPG-KEY.atomicorp.txt

Before you install any package from our project, we recommend that you
verify it using our PGP key. Follow these two steps if you are not used
to using gpg. You first need to import our public key:

# wget https://www.atomicorp.com/OSSEC-ARCHIVE-KEY.asc
# gpg --import OSSEC-ARCHIVE-KEY.asc

And then verify each file against its signature:

ossec-test# gpg --verify file.asc

You should get the following result:

gpg: Signature made Tue 20 Dec 2016 11:35:58 AM EST using RSA key ID 2D8387B7
gpg: Good signature from "Scott R. Shinn <scott@atomicorp.com>"
Primary key fingerprint: B50F B194 7A0A E311 45D0  5FAD EE1B 0E6B 2D83 87B7

Note that the signing key was changed in December 2016. The previous signing key
“6F11 9E06 487A AF17 C84C E48A 456B 17CF A390 1351” has expired. If you get an warning
saying “gpg: Note: This key has expired!”, make sure to update the key and run the
“import” command again (as specified above).

Contribute back!

If you find ossec useful and would like to contribute back to the
community, please contact us. We have a lot of work to do and any help
is appreciated.