IDS/IPS and File Integrity Monitoring Systems
curzonj at gmail.com
Sat Sep 29 17:21:57 MDT 2007
http://osiris.shmoo.com (integrates with http://www.ossim.net/ )
http://la-samhna.de/samhain/ (integrates with http://www.prelude-ids.org/ )
are the other two I read a lot about. Unfortunately I haven't used either.
On 9/28/07, Kenneth Burgener <kenneth at mail1.ttak.org> wrote:
> Kenneth Burgener wrote:
> > I am hoping someone on the PLUG might be able to help point me in the
> > right direction.
> > For your production servers (running Linux of course :-), which software
> > do you use for:
> > 1. Intrusion detection (IDS) or intrusion prevention (IDP)
> > 2. File integrity monitoring
> > Open source would be preferred, but not a requirement.
> > Such things as Tripwire, Snort, etc. have been suggested to me. What
> > software do you find works best for you?
> > Something that would work on CentOS (RHEL clone) would be preferred.
> > Any suggestions?
> Just wondering if anyone else might have other suggestions, or if OSSEC
> is the only good option?
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.