snort as HIDS

["Lamont, Brian A." <Brian.Lamont () gd-ms com>]

We have a very basic configuration of snort deployed across our linux/unix systems, and we are being told that snort is 
not host intrustion tool, although that is what we have configured it to be.    Could I get an argument that supports 
the use of Snort on Linux/Solaris as a host intrustion tool, any supporting names of the features, software, etc. that 
prove its use as a HIDS?

Thank you!


Brian Lamont
Unix Systems Admin

[Mission-Systems-logo-2col]
Desk:  480 586-9986
Cell:     480 209-8751
brian.lamont () gd-ms com<mailto:brian.lamont () gd-ms com>

This message and/or attachments may include information subject to GD Corporate Policies 07-103 and 07-105 and is 
intended to be accessed only by authorized recipients.  Use, storage and transmission are governed by General Dynamics 
and its policies. Contractual restrictions apply to third parties.  Recipients should refer to the policies or contract 
to determine proper handling.  Unauthorized review, use, disclosure or distribution is prohibited.  If you are not an 
intended recipient, please contact the sender and destroy all copies of the original message.

------------------------------------------------------------------------------
Attend Shape: An AT&T Tech Expo July 15-16. Meet us at AT&T Park in San
Francisco, CA to explore cutting-edge tech and listen to tech luminaries
present their vision of the future. This family event has something for
everyone, including kids. Get more information and register today.
http://sdm.link/attshape

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!