IDS/IPS and File Integrity Monitoring Systems

Jordan Curzon curzonj at gmail.com
Sat Sep 29 17:21:57 MDT 2007


http://osiris.shmoo.com (integrates with http://www.ossim.net/ )
and
http://la-samhna.de/samhain/ (integrates with http://www.prelude-ids.org/ )

are the other two I read a lot about. Unfortunately I haven't used either.

On 9/28/07, Kenneth Burgener <kenneth at mail1.ttak.org> wrote:
> Kenneth Burgener wrote:
> > I am hoping someone on the PLUG might be able to help point me in the
> > right direction.
> >
> > For your production servers (running Linux of course :-), which software
> > do you use for:
> >
> > 1. Intrusion detection (IDS) or intrusion prevention (IDP)
> > 2. File integrity monitoring
> >
> > Open source would be preferred, but not a requirement.
> >
> > I have been suggested such things as Tripwire, Snort, etc.  What
> > software do you find works best for you?
> >
> > Something that would work on CentOS (RHEL clone) would be preferred.
> > Any suggestions?
>
>
> Just wondering if anyone else might have other suggestions, or if OSSEC
> is the only good option?


