IDS/IPS and File Integrity Monitory Systems

Kenneth Burgener kenneth at
Thu Sep 27 17:47:20 MDT 2007

I am hoping someone on the PLUG might be able to help point me in the
right direction.

For your production servers (running Linux of course :-), which software
do you use for:

1. Intrusion detection (IDS) or intrusion prevention (IDP)
2. File integrity monitoring

Open source would be preferred, but not a requirement.

I have been suggested such things as Tripwire, Snort, etc.  What
software do you find works best for you?

Something that would work on CentOS (RHEL clone) would be preferred. 
Any suggestions?

Thanks in advance,

More information about the PLUG mailing list