topaz: (qwrrty)
[personal profile] topaz
What intrusion detection toolkits does the modern Unix admin typically turn to?  Here are some of the ones I'm aware of:
I gather that these choices are not mutually incompatible, either (e.g. Tiger appears to provide a framework that may include Snort, chkrootkit and possibly others).

Those of you who have explored this issue in more depth than I have: what tools do you use and why?  Have you actually experienced an attack while guarded by any of these tools, and how did they perform?

Date: 2008-02-19 08:41 pm (UTC)
jss: (lopsa)
From: [personal profile] jss
What previous responders have said. I've used chkrootkit, snort, and tripwire, as well as YASSP on Suns, plus md5 checksums of object or source code archives of stuff I've downloaded (not just for Linux, but for open source in general).

Page generated Mar. 5th, 2026 11:44 am