IDS mailing list archives

Best Host IDS Tools

From: "frank" <chocobofrank () hotmail com>
Date: Tue, 24 Dec 2002 12:37:26 +0800

I have just setup my Web server on solaris platform and is planning to
deploy a freeware IDS. Now I am evaluating the below IDS tools :-
AIDE
Snort
Tripwire
Chkrootkit

and would like to have the comments from everyone on which is the best IDS
tools ? Or what is the best combination so that I can mix them together to
form a more complete IDS enabled environment. Or is there any other better
free IDS tools available ?

Below is the criteria of my evaluation.

1. CPU Loading/Utilization - Is the IDS resouce hungry ?
2. Disk Consumption - Is that too much log generated ?
3. Usability - Is the IDS ease of configuration and reconfiguration ? Or
have to take days in order to configure it properly ?
4. Completeness - Can the IDS detect most of the intrusion ?
5. Extendability - Can the IDS detect new intrusion ?

Any comments are much appreciated.

Frank

Current thread:

Best Host IDS Tools frank (Dec 24)
- Re: Best Host IDS Tools Bryan Strong (Dec 27)
- RE: Best Host IDS Tools Rob Shein (Dec 27)
- Re: Best Host IDS Tools Frank Knobbe (Dec 27)
- Re: Best Host IDS Tools Jerry (Dec 27)
  - Re: Best Host IDS Tools Frank Cheong (Dec 27)