Re: review host based intrusion detection sytems
----- Original Message -----
From: "Dan MacNeil" <firstname.lastname@example.org>
Sent: Sunday, June 22, 2003 3:24 AM
Subject: review host based intrusion detection sytems
> Does anyone have opinions on them?
> We're setting up 3 new servers and I want to have an intrusion
> detection database.
> Ease of use is much, much more important then perfect security.
> A while back we installed tripwire from tarball on one system but let it
> get out of date. At another job, they had a homegrown system that is very
> cumbersome,--lots and lots of false alarms and a pain to update.
Tripwire is fairly easy to use, but security will never be a one off thing,
if you let your system get out of date then you will pay the bill