IDS/IPS and File Integrity Monitory Systems

Kenneth Burgener kenneth at mail1.ttak.org
Fri Sep 28 23:24:59 MDT 2007


Kenneth Burgener wrote:
> I am hoping someone on the PLUG might be able to help point me in the
> right direction.
> 
> For your production servers (running Linux of course :-), which software
> do you use for:
> 
> 1. Intrusion detection (IDS) or intrusion prevention (IDP)
> 2. File integrity monitoring
> 
> Open source would be preferred, but not a requirement.
> 
> I have been suggested such things as Tripwire, Snort, etc.  What
> software do you find works best for you?
> 
> Something that would work on CentOS (RHEL clone) would be preferred. 
> Any suggestions?


Just wondering if anyone else might have other suggestions, or if OSSEC
is the only good option?



More information about the PLUG mailing list