Re: Linux SuSe host base IDS.

From: Brian Wotring (brian_at_shmoo.com)
Date: 09/10/04

  • Next message: Michael Rash: "Re: portsentry" 
    Date: Fri, 10 Sep 2004 08:03:21 -0600

    You might find Osiris useful:

         <http://osiris.shmoo.com>

    -brian

    Jose Maria Lopez wrote:

    > El jue, 19 de 08 de 2004 a las 19:32, Dennis Carter escribió:
    >
    >>Does anyone on this forum know of HOST BASE IDS for Linux SuSe?
    >>
    >>Thanks
    >>
    >>Dennis
    >
    > You have tripwire (a commercial product with a GPL version) and
    > aide (GPL). Both are very similar, but I like tripwire the most.

    --------------------------------------------------------------------------
    Test Your IDS

    Is your IDS deployed correctly?
    Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
    Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
    --------------------------------------------------------------------------

  • Next message: Michael Rash: "Re: portsentry"

    Relevant Pages

    • RE: can tripwire be used for sensor integrity???
      ... We have lots of users who use IDS Informer in this way to ensure that the $$ ... not caught out by a sensor going off line without knowing. ... tripwire does not detect LKM trojans or tampering. ... of kernel integrity protection. ...
      (Focus-IDS)
    • Re: Tripwire
      ... Although Tripwire sucks in innumerable ways, ... > Likewise with Samba browselists, a nessessity for getting MS browselists ... > My bets are more on some IDS, ... setting up the correlation rules isn't a cake walk ...
      (comp.os.linux.security)
    • Re: Linux SuSe host base IDS.
      ... aide (GPL). ... but I like tripwire the most. ... The only people for me are the mad ones -- the ones who are mad to live, ... Test Your IDS ...
      (Focus-IDS)
    • Re: can tripwire be used for sensor integrity???
      ... agent based, centrally managed ... And you can configure the Tripwire Policy ... >> protect your IDS setting integrity. ... >> you might use Tripwire for Servers as many hardware applicance IDS ...
      (Focus-IDS)
    • Re: can tripwire be used for sensor integrity???
      ... I would also recommend you look at the Veracity product from www.rocksoft.com. ... Tripwire for Network Devices - which supports Cisco IOS, CatOS, ... >protect your IDS setting integrity. ...
      (Focus-IDS)