IDS mailing list archives
Re: Linux/*nix open source IDS
From: Giovanni Vigna <vigna () cs ucsb edu>
Date: Tue, 12 Aug 2003 18:42:04 -0700 (PDT)
You may want to check out USTAT/linSTAT/WinSTAT at http://www.cs.ucsb.edu/~rsg/STAT Let me know if you have questions G On 12 Aug 2003 clmail2000 () yahoo com wrote:
Hello, I am interested in implementing an open source IDS for a Linux/*nix system and have been looking into various different ones and the sort of critiques they have received. Some of the products I am considering are Tripwire, AIDE, Samhain, Integrit, and Osiris. Because I had not been able to find very much commentary about such packages (except for Tripwire), I would like to ask what sort of experiences anyone has had with them and how they compare with one another. Alternatively, if you can point me to where I can find such information, that would also be much appreciated. Since the choice of an IDS depends on the system it is used to monitor, I should say I am presently just looking for something to protect my stand-alone Linux box, but I would like to learn what works for larger systems running any sort of *nix. Thanks in advance, Charles --------------------------------------------------------------------------- Captus Networks - Integrated Intrusion Prevention and Traffic Shaping - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Ensure Reliable Performance of Mission Critical Applications Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.captusnetworks.com/ads/31.htm ---------------------------------------------------------------------------
-- Giovanni Vigna University of California Santa Barbara - Dept. of Computer Science http://www.cs.ucsb.edu/~vigna --------------------------------------------------------------------------- Captus Networks - Integrated Intrusion Prevention and Traffic Shaping - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Automatically Control P2P, IM and Spam Traffic - Ensure Reliable Performance of Mission Critical Applications Precisely Define and Implement Network Security and Performance Policies **FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo Visit us at: http://www.captusnetworks.com/ads/31.htm ---------------------------------------------------------------------------
Current thread:
- Linux/*nix open source IDS clmail2000 (Aug 12)
- Re: Linux/*nix open source IDS Paul Schmehl (Aug 12)
- Re: Linux/*nix open source IDS Ralf Spenneberg (Aug 13)
- Re: Linux/*nix open source IDS clmail2000 (Aug 19)
- Re: Linux/*nix open source IDS Giovanni Vigna (Aug 13)
- <Possible follow-ups>
- Re: Linux/*nix open source IDS Matt . Carpenter (Aug 12)
- Re: Linux/*nix open source IDS Paul Schmehl (Aug 12)