IDS mailing list archives

RE: Are there any other open sources IDS that not based on snort?


From: Bob Radvanovsky <rsradvan () unixworks net>
Date: 24 Feb 2004 14:33:52 -0000



Here's one that I completely found by accident.  It's called SENTINIX, and
is a compilation developed utilizing the GNU/Linux (aka Debian) environment.
The compilation is nicely put together, and works out-of-da-box,
incorporating several monitoring utilities (and their functionalities):

        snort
        snortcenter (which includes acid)
        cacti
        rrdtool
        mysql
        nessus
        postfix
        mailscanner
        spamassassin
        apache
        python
        openmosix (HA clustering)
        php
        perl
        ... and more.

I have recently installed it on one of my servers at home -- all I can say
is "schweet".  The program prompts you as you go along, and is fairly
explanatory to those who know very little about IDS or setting
up/configuring IDS.  For the small to medium-sized business, this
compilation seems to work, and is fairly robust.  Additionally, it is fairly
*secure*, prohibiting root access ONLY at the console (shouldn't it be?),
effectively turning the server into a pseudo-network appliance.

As I am still futzing around with this compilation, I can say that this is
well worth playing around with.  The entire compilation is configured as an
ISO [there are currently 2 beta versions: Sentinix 1 Beta 1, and Sentinix
0.70.5 (2nd beta version)], and it is relatively small in size (less than
250 MB).  The load was low or medium in complexity, and fairly quick (was up
in less than 1 hour), with some configuration done later after the server
has been loaded and initially configured.

Here's the project's URL:  http://www.sentinix.org

And, of course, the best things in life *are* FREE!  ;)  Enjoy!

Bob Radvanovsky
rsradvan () unixworks net
