Linux/*nix open source IDS
Hello,
I am interested in implementing an open source IDS for a Linux/*nix
system and have been looking into various different ones and the
sort of critiques they have received. Some of the products I am
considering are Tripwire, AIDE, Samhain, Integrit, and Osiris.
Because I had not been able to find very much commentary about
such packages (except for Tripwire), I would like to ask what
sort of experiences anyone has had with them and how they compare
with one another. Alternatively, if you can point me to where I can
find such information, that would also be much appreciated.
Since the choice of an IDS depends on the system it is used to
monitor, I should say I am presently just looking for something
to protect my stand-alone Linux box, but I would like to learn
what works for larger systems running any sort of *nix.
Thanks in advance,
Charles
Received on Tue Aug 12 12:20:05 2003