Re: What is the best free HIDS for Debian
On Mon, May 2, 2022 at 11:36 AM Sylvain <email@example.com> wrote:
> Hello everyone !
> I unsuccessfully tried Tripwire, Aide, Integrit and now OSSEC and OSSEC+.
> All these softs throw errors while running or compiling on my Debian 11.3...
> So can you tell me if there is another free HostBase Intrusion Detection
Would definitely be good to know more detail on the issues you're
encountering with a pretty broad spectrum of tooling here.
I also recommend you take a look at osquery: https://osquery.io/
I'd also recommend a look at Wazuh as others have mentioned.
Another suggestion in the thread:
> Did you try Suricata?
This isn't HIDS, it's NIDS (network), but it's valuable nonetheless.
It's best deployed on a network perimeter or similar segment level to
protect multiple hosts. Particularly when running larger size
rulesets, memory consumption can be significant, so it may not be
suited for protecting each individual host in a fleet.