Re: [PLUG] Intrusion Detection/Prevention System

Jason Stelzer on 6 Jul 2010 07:09:31 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Intrusion Detection/Prevention System

From: Jason Stelzer <jason.stelzer@gmail.com>

To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>

Subject: Re: [PLUG] Intrusion Detection/Prevention System

Date: Tue, 6 Jul 2010 10:09:24 -0400

Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>

Sender: plug-bounces@lists.phillylinux.org

Snort is pretty cool from a network monitoring perspective. If you are looking for file system integrity checks, have a look at tripwire. http://www.linuxjournal.com/article/8758 The single most important thing with tripwire is to make sure that your file checksums are on read only media. If it turns out to be too clumsy, my apologies. But it might help you out. On Tue, Jul 6, 2010 at 10:03 AM, linc <linc@lincgeek.org> wrote: > Trotter Cashion wrote: >> Hey everyone, >> >> I need an intrusion detection / prevention system to both pass a >> security audit and keep my servers safe. Sadly, I know jack about this >> kind of software. Does anyone have any recommendations? Toby recommended >> Snort, which looks like it could be OK. Basically, just looking for >> something simple to setup / configure. Do those two words exist in >> combination with IDS? >> >> - Trotter >> >> >> ------------------------------------------------------------------------ >> >> ___________________________________________________________________________ >> Philadelphia Linux Users Group -- http://www.phillylinux.org >> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce >> General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > > OSSEC. > http://www.ossec.net/ > > > -- > -Linc Fessenden > > In the Beginning there was nothing, which exploded - Yeah right... > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > -- J. ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Follow-Ups:

Re: [PLUG] Intrusion Detection/Prevention System
From: jeff <jeffv@op.net>

Re: [PLUG] Intrusion Detection/Prevention System
From: Doug Stewart <zamoose@gmail.com>

References:

[PLUG] Intrusion Detection/Prevention System
From: Trotter Cashion <cashion@gmail.com>

Re: [PLUG] Intrusion Detection/Prevention System
From: linc <linc@lincgeek.org>

Prev by Date: Re: [PLUG] Intrusion Detection/Prevention System

Next by Date: Re: [PLUG] Filtering Packets in Monitor Mode

Previous by thread: Re: [PLUG] Intrusion Detection/Prevention System

Next by thread: Re: [PLUG] Intrusion Detection/Prevention System

Index(es):

Date

Thread