Re: Linux/*nix open source IDS
From: Paul Schmehl (pauls_at_utdallas.edu)
Date: 08/12/03
- Previous message: Thiago Mello: "Alert Correlation"
- In reply to: clmail2000_at_yahoo.com: "Linux/*nix open source IDS"
- Next in thread: Ralf Spenneberg: "Re: Linux/*nix open source IDS"
- Reply: Ralf Spenneberg: "Re: Linux/*nix open source IDS"
- Reply: clmail2000: "Re: Linux/*nix open source IDS"
Date: Tue, 12 Aug 2003 11:58:18 -0500
To: clmail2000@yahoo.com, focus-ids@securityfocus.com
I highly recommend that you look into the Sentry Tools (on Sourcefire).
They're great for standalone boxes, easy to set up (but read the
instructions *carefully* or you will lock yourself out of your own box
except for the console), and easy to admin.
--On Tuesday, August 12, 2003 5:29 AM +0000 clmail2000@yahoo.com wrote:
>
> I am interested in implementing an open source IDS for a Linux/*nix
> system and have been looking into various different ones and the
> sort of critiques they have received. Some of the products I am
> considering are Tripwire, AIDE, Samhain, Integrit, and Osiris.
> Because I had not been able to find very much commentary about
> such packages (except for Tripwire), I would like to ask what
> sort of experiences anyone has had with them and how they compare
> with one another. Alternatively, if you can point me to where I can
> find such information, that would also be much appreciated.
Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu