You can also try a HIDS (Host-based IDS) like Ossec. It differs from Snort (NIDS) by analysing logs instead of network traffic like Snort. So you see they look at different things for detection. Ossec is client-server model that is available for Linux and Windows. The last time I worked with it, there was only a client version for Windows. So to monitior a Windows system you need a Ossec server installed somewhere else.
Navneet > On Sat, 4 Jul 2009, skommar21 wrote: > > > Hi All, > > > > How can one detect/ Check whether his system has been > > intruded? > > > > > > can any body please explain the task / activities required to > > check whether his system has been compromised. > > > > > > Are there any good open source software which are good > > detecting sypware, Mal ware and other forms which are threat > > to data . > > > > Thanks sridhar > >
