There are some big difference. Centralized collection and administration. Separation of duties. Single product for the whole org. I emailed James offlist since we are pursuing the same product.
But if you don't have those compliance requirements, then aide could work for you (although I spent a little time with it and couldn't get it to notice my changes - but that could have just been me :) Marcy "This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation." -----Original Message----- From: Linux on 390 Port [mailto:[email protected]] On Behalf Of Mark Post Sent: Thursday, September 17, 2009 1:45 PM To: [email protected] Subject: Re: [LINUX-390] intrusion detection on the zLinux Platform >>> On 9/17/2009 at 12:33 PM, "CHAPLIN, JAMES (CTR)" <[email protected]> wrote: > Is there a host based intrusion detection agent like Symantec's CSP for > the s390x platform? If you're running SLES, aide comes with the distribution. It's a Tripwire-like tool that will track modifications of files, etc. Mark Post ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
