Linux/*nix open source IDS

clmail2000_at_yahoo.com
Date: 08/12/03

    Date: 12 Aug 2003 05:29:26 -0000
    To: focus-ids@securityfocus.com
    
    

    Hello,

    I am interested in implementing an open source IDS for a Linux/*nix
    system and have been looking into various different ones and the
    sort of critiques they have received. Some of the products I am
    considering are Tripwire, AIDE, Samhain, Integrit, and Osiris.
    Because I had not been able to find very much commentary about
    such packages (except for Tripwire), I would like to ask what
    sort of experiences anyone has had with them and how they compare
    with one another. Alternatively, if you can point me to where I can
    find such information, that would also be much appreciated.

    Since the choice of an IDS depends on the system it is used to
    monitor, I should say I am presently just looking for something
    to protect my stand-alone Linux box, but I would like to learn
    what works for larger systems running any sort of *nix.

    Thanks in advance,
    Charles
