http://osiris.shmoo.com (integrates with http://www.ossim.net/ )
and
http://la-samhna.de/samhain/ (integrates with http://www.prelude-ids.org/ )
are the other two I read a lot about. Unfortunately I haven't used either.
On 9/28/07, Kenneth Burgener [EMAIL PROTECTED] wrote:
Kenneth Burgener
Kenneth Burgener wrote:
I am hoping someone on the PLUG might be able to help point me in the
right direction.
For your production servers (running Linux of course :-), which software
do you use for:
1. Intrusion detection (IDS) or intrusion prevention (IDP)
2. File integrity monitoring
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 9/27/07, Kenneth Burgener [EMAIL PROTECTED] wrote:
For your production servers (running Linux of course :-), which software
do you use for:
1. Intrusion detection (IDS) or intrusion prevention (IDP)
and
2. File integrity monitoring
Colby W. wrote:
Kenneth,
Take a look at OSSEC HIDS (http://www.ossec.net).
Thanks Colby, that looks like a good suggestion. Have you used OSSEC
HIDS in a production environment? Is it pretty reliable?
Kenneth
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 9/27/07, Kenneth Burgener [EMAIL PROTECTED] wrote:
Colby W. wrote:
Kenneth,
Take a look at OSSEC HIDS (http://www.ossec.net).
Thanks Colby, that looks like a good suggestion. Have you used OSSEC
HIDS in a production environment? Is it