Craig, It's used with a firewall, not in place of. A firewall is intended to keep the bad guys out in the first place. An IDS is designed to figure out that they got in anyway, and tell you what it was they messed with while they were there. Tripwire for instance keeps track of file sizes, dates (and I think a checksum) of important system files. If one of those attributes changes from one daily scan to the next, it tells you there's a problem.
Mark Post -----Original Message----- From: Kittendorf, Craig [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 25, 2002 9:36 PM To: [EMAIL PROTECTED] Subject: Re: Intrusion Detection Software That leads to part 2 of the "newbie" question, How is "Intrusion Detection Software" different from a firewall? same as? Used instead of? used with but enhances? Thanks, Craig -----Original Message----- From: Gregg C Levine To: [EMAIL PROTECTED] Sent: 4/25/02 4:37 PM Subject: Re: Intrusion Detection Software Hello from Gregg C Levine While we are on the subject, has anyone succeeded in getting the ipchains setup to work correctly on their systems? As to your question, Craig, I am afraid, that I do not. ------------------- Gregg C Levine [EMAIL PROTECTED] ------------------------------------------------------------ "The Force will be with you...Always." Obi-Wan Kenobi "Use the Force, Luke."� Obi-Wan Kenobi (This company dedicates this E-Mail to General Obi-Wan Kenobi ) (This company dedicates this E-Mail to Master Yoda ) > -----Original Message----- > From: Linux on 390 Port [mailto:[EMAIL PROTECTED]] On Behalf Of > Kittendorf, Craig > Sent: Thursday, April 25, 2002 4:31 PM > To: [EMAIL PROTECTED] > Subject: Intrusion Detection Software > > Anyone have any experience/recommendations with Intrusion Detection > Software, e.g. tripwire, snort, etc. > > Thanks, > Craig Kittendorf > Systems Programmer
