http://osiris.shmoo.com (integrates with http://www.ossim.net/ ) and http://la-samhna.de/samhain/ (integrates with http://www.prelude-ids.org/ )
are the other two I read a lot about. Unfortunately I haven't used either. On 9/28/07, Kenneth Burgener <[EMAIL PROTECTED]> wrote: > Kenneth Burgener wrote: > > I am hoping someone on the PLUG might be able to help point me in the > > right direction. > > > > For your production servers (running Linux of course :-), which software > > do you use for: > > > > 1. Intrusion detection (IDS) or intrusion prevention (IDP) > > 2. File integrity monitoring > > > > Open source would be preferred, but not a requirement. > > > > I have been suggested such things as Tripwire, Snort, etc. What > > software do you find works best for you? > > > > Something that would work on CentOS (RHEL clone) would be preferred. > > Any suggestions? > > > Just wondering if anyone else might have other suggestions, or if OSSEC > is the only good option? > > /* > PLUG: http://plug.org, #utah on irc.freenode.net > Unsubscribe: http://plug.org/mailman/options/plug > Don't fear the penguin. > */ > /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
