[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

review host based intrusion detection sytems

Doing an apt-cache search on "tripwire" and "intrusion"

I came up with these packages:


I've googled around a bit but haven't found much evaluation...

Does anyone have opinions on them?

We're setting up 3 new servers and I want to have an intrusion
detection database.

Ease of use is much, much more important then perfect security.

A while back we installed tripwire from tarball on one system but let it
get out of date. At another job, they had a homegrown system that is very
cumbersome,--lots and lots of false alarms and a pain to update.

Of course it would be extra valuable if you could compare and contrast two
or more of these packages.

Reply to: