On Fri, Feb 09, 2001 at 03:59:02PM +0100, NDSoftware wrote: > Where i can find a good IDS for Debian ?
I guess snort falls in to this category and it's already packaged: apt-cache show snort Package: snort Priority: optional Section: net Installed-Size: 656 Maintainer: Christian Hammers <[EMAIL PROTECTED]> Architecture: powerpc Version: 1.6.3a-3 Depends: debconf (>= 0.2.80), adduser (>= 3.11), libc6 (>= 2.1.97), libpcap0 (>= 0.5.2-2) Filename: pool/main/s/snort/snort_1.6.3a-3_powerpc.deb Size: 253116 MD5sum: 481aaa957ba63ca51281e4565fe3e6fd Description: flexible packet sniffer/logger that detects attacks Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting capability, with alerts being sent to syslog, a separate "alert" file, or even to a Windows computer via Samba. -- Robert Ramiega | [EMAIL PROTECTED] IRC: _Jedi_ | Don't underestimate UIN: 13201047 | http://www.plukwa.net/ | the power of Source
