I am hoping someone on the PLUG might be able to help point me in the right direction.
For your production servers (running Linux of course :-), which software do you use for: 1. Intrusion detection (IDS) or intrusion prevention (IDP) and 2. File integrity monitoring Open source would be preferred, but not a requirement. I have been suggested such things as Tripwire, Snort, etc. What software do you find works best for you? Something that would work on CentOS (RHEL clone) would be preferred. Any suggestions? Thanks in advance, Kenneth /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
