Re: Linux SuSe host base IDS.

From: Volker Kindermann (ml_at_ps102.de)
Date: 09/12/04

  • Next message: Cure, Samuel J: "RE: IPS, alternative solutions" 
    Date: Sun, 12 Sep 2004 10:05:42 +0200
To: focus-ids@securityfocus.com

    > Does anyone on this forum know of HOST BASE IDS for Linux SuSe?

    besides the already mentioned aide, osiris and tripwire, you may give samhain http://la-samhna.de/samhain/ a chance.

     -volker

    --------------------------------------------------------------------------
    Test Your IDS

    Is your IDS deployed correctly?
    Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.
    Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
    --------------------------------------------------------------------------

  • Next message: Cure, Samuel J: "RE: IPS, alternative solutions"

    Relevant Pages

    • RE: can tripwire be used for sensor integrity???
      ... We have lots of users who use IDS Informer in this way to ensure that the $$ ... not caught out by a sensor going off line without knowing. ... tripwire does not detect LKM trojans or tampering. ... of kernel integrity protection. ...
      (Focus-IDS)
    • Re: Tripwire
      ... Although Tripwire sucks in innumerable ways, ... > Likewise with Samba browselists, a nessessity for getting MS browselists ... > My bets are more on some IDS, ... setting up the correlation rules isn't a cake walk ...
      (comp.os.linux.security)
    • Re: Linux SuSe host base IDS.
      ... aide (GPL). ... but I like tripwire the most. ... The only people for me are the mad ones -- the ones who are mad to live, ... Test Your IDS ...
      (Focus-IDS)
    • Re: can tripwire be used for sensor integrity???
      ... agent based, centrally managed ... And you can configure the Tripwire Policy ... >> protect your IDS setting integrity. ... >> you might use Tripwire for Servers as many hardware applicance IDS ...
      (Focus-IDS)
    • Re: can tripwire be used for sensor integrity???
      ... I would also recommend you look at the Veracity product from www.rocksoft.com. ... Tripwire for Network Devices - which supports Cisco IOS, CatOS, ... >protect your IDS setting integrity. ...
      (Focus-IDS)