[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: review host based intrusion detection sytems

----- Original Message -----
From: "Dan MacNeil" <omacneil@brave.cs.uml.edu>
To: <debian-isp@lists.debian.org>
Sent: Sunday, June 22, 2003 3:24 AM
Subject: review host based intrusion detection sytems

> Does anyone have opinions on them?
> We're setting up 3 new servers and I want to have an intrusion
> detection database.
> Ease of use is much, much more important then perfect security.
> A while back we installed tripwire from tarball on one system but let it
> get out of date. At another job, they had a homegrown system that is very
> cumbersome,--lots and lots of false alarms and a pain to update.

Tripwire is fairly easy to use, but security will never be a one off thing,
if you let your system get out of date then you will pay the bill

Reply to: