Re: Linux/*nix open source IDS
From: Giovanni Vigna (vigna_at_cs.ucsb.edu)
Date: 08/13/03
- In reply to: clmail2000_at_yahoo.com: "Linux/*nix open source IDS"
Date: Tue, 12 Aug 2003 18:42:04 -0700 (PDT)
To: clmail2000@yahoo.com
You may want to check out USTAT/linSTAT/WinSTAT
at http://www.cs.ucsb.edu/~rsg/STAT
Let me know if you have questions
G
On 12 Aug 2003 clmail2000@yahoo.com wrote:
>
>
> Hello,
>
> I am interested in implementing an open source IDS for a Linux/*nix
> system and have been looking into various different ones and the
> sort of critiques they have received. Some of the products I am
> considering are Tripwire, AIDE, Samhain, Integrit, and Osiris.
> Because I had not been able to find very much commentary about
> such packages (except for Tripwire), I would like to ask what
> sort of experiences anyone has had with them and how they compare
> with one another. Alternatively, if you can point me to where I can
> find such information, that would also be much appreciated.
>
> Since the choice of an IDS depends on the system it is used to
> monitor, I should say I am presently just looking for something
> to protect my stand-alone Linux box, but I would like to learn
> what works for larger systems running any sort of *nix.
>
> Thanks in advance,
> Charles
--
Giovanni Vigna
University of California Santa Barbara - Dept. of Computer Science
http://www.cs.ucsb.edu/~vigna