Re: review host based intrusion detection sytems

To: "Dan MacNeil" <omacneil@brave.cs.uml.edu>, <debian-isp@lists.debian.org>
Subject: Re: review host based intrusion detection sytems
From: "Paul Foote" <paul@geesus.homelinux.net>
Date: Sun, 22 Jun 2003 15:04:43 +1000
Message-id: <[🔎] 003301c3387b$cc5a2ae0$de00a8c0@geesus>
References: <[🔎] Pine.LNX.4.44.0306211310310.335-100000@brave.cs.uml.edu>

----- Original Message -----
From: "Dan MacNeil" <omacneil@brave.cs.uml.edu>
To: <debian-isp@lists.debian.org>
Sent: Sunday, June 22, 2003 3:24 AM
Subject: review host based intrusion detection sytems



> Does anyone have opinions on them?
>
> We're setting up 3 new servers and I want to have an intrusion
> detection database.
>
> Ease of use is much, much more important then perfect security.
>
> A while back we installed tripwire from tarball on one system but let it
> get out of date. At another job, they had a homegrown system that is very
> cumbersome,--lots and lots of false alarms and a pain to update.
>

Tripwire is fairly easy to use, but security will never be a one off thing,
if you let your system get out of date then you will pay the bill

Reply to:

References:
- review host based intrusion detection sytems
  - From: Dan MacNeil <omacneil@brave.cs.uml.edu>

Prev by Date: review host based intrusion detection sytems
Next by Date: RE: review host based intrusion detection sytems
Previous by thread: review host based intrusion detection sytems
Next by thread: RE: review host based intrusion detection sytems
Index(es):
- Date
- Thread