[GLLUG] Recommendation for IDS
17 May 2002 08:22:19 -0400
I'm trying to find a good IDS (intrusion detection system) solution for
a couple of my Linux and Solaris servers. After investigating a couple,
I'd prefer to go with something open source. Currently, I'm thinking of
using AIDE (open clone of Tripwire) for file system integrity, LogSentry
for monitoring the syslogs, and Snort for monitoring attack signatures.
I'm curious what others are using, or if I've missed an obvious
"all-inclusive" package (although those tend to worry me).