Re: IDS for Unix
From: Callan Tham (callan.tham_at_securecirt.com)
To: Baron Biza <firstname.lastname@example.org> Date: Thu, 30 Jun 2005 12:07:03 +0800
On Thu, 2005-06-30 at 01:10 +0300, Baron Biza wrote:
> Hello, Im new in this list, I never used IDS, I want start with one
> for Unix (FreeBSD and Linux also), I know about Snort but there are a
> lot of rules to configure by hand,, the WIndows users of Snort have a
> program in graphic mode to configure their Snort, but we not :-(, is
> there any IDS good,with the same level,in graphic mode,or easiest to
> learn?,thnx,good luck.
Actually, there isn't much to configure rules-wise for Snort. The rules
are there, you just tell Snort if you want to use it in its config file.
If you want graphical management, take a look at SnortCenter. It can
manage both rules and config files centrally, and is easy to setup and
But hey, nothing beats vim and a good read of the Snort manual if you're
on a *nix platform. Even with SnortCenter, the Snort User Manual is a
must read if you want to know more about writing rules.
Good luck, and have fun!
- application/pgp-signature attachment: This is a digitally signed message part