IDS mailing list archives
Re: Linux based HIDS
From: Nicolas Delon <delon.nicolas () wanadoo fr>
Date: Sat, 25 Oct 2003 09:05:37 +0200
Milind Nanal wrote:
Hi,
Hello,
I am looking for good , free , open source HIDS for Linux server. The tool which detects :-Attacks on Red Hat Linux OS. Analysis system log Carry our file level audit (like tripwire) all in one product.
<disclaimer> I am a Prelude-IDS developer </disclaimer> You can use prelude-lml to analyze log files.prelude-lml is a component of Prelude-IDS, an open source hybrid and distributed IDS under the GPL license.
Prelude-IDS provides two main sensors: * prelude-lml (syslog files analyze via rulesets) * prelude-nids (an NIDS which is snort rules compliant)Despite tripwire is not Prelude-IDS aware for the moment, it could be patched to using libprelude (the core library of each Prelude-IDS programs) and thus, reports alerts to a prelude manager.
Prelude-IDS: http://www.prelude-ids.org Best regards. -- "The only way to stop open source is to make it illegal." - Bruce Perens --------------------------------------------------------------------------- Network with over 10,000 of the brightest minds in information security at the largest, most highly-anticipated industry event of the year. Don't miss RSA Conference 2004! Choose from over 200 class sessions and see demos from more than 250 industry vendors. If your job touches security, you need to be here. Learn more or register athttp://www.securityfocus.com/sponsor/RSA_focus-ids_031023 and use priority code SF4.
---------------------------------------------------------------------------
Current thread:
- Linux based HIDS Milind Nanal (Oct 14)
- Re: Linux based HIDS Daniel Cid (Oct 24)
- Re: Linux based HIDS Nicolas Delon (Oct 27)