Re: intrusion detection

To: Andrew Reid <reidac@bellatlantic.net>
Cc: debian-user@lists.debian.org
Subject: Re: intrusion detection
From: Julian De Marchi <julian@jdcomputers.com.au>
Date: Wed, 29 Oct 2008 12:36:37 +1000
Message-id: <[🔎] 4907CC35.2060806@jdcomputers.com.au>
In-reply-to: <[🔎] 200810282012.34727.reidac@bellatlantic.net>
References: <[🔎] 49072EEC.1000209@videotron.ca> <[🔎] 200810282012.34727.reidac@bellatlantic.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

<snip>

>   In the host-based category, I'm aware of two -- there's the
> samhain/yule/beltane family, which are really one intrustion
> detection apparatus. Samhain is the daemon that runs on the 
> clients being monitored, yule is the server that maintains
> the (remote from the client) database, and beltane is the
> web app you can use to monitor changes.  Beltane costs
> a small amount of money, and the others are free (as in beer).

<snip>

I can recommend ossec[0]. It is a great little host IDs, which works
great out of the box. :)

- --
Cheers,
Julian De Marchi
- --
OpenNIC user - http://www.opennicproject.org/ | http://www.opennic.glue
Support OpenNIC, become a member today!
- --
Please avoid sending me Word or PowerPoint attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html

0 - http://www.ossec.net/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD4DBQFJB8w1fM8nSo1lmBQRAl2QAJ9Cqw8OIfuSMjGVW5N50oEdIrCGAQCY+W46
hQ1QecZiNbjGKCZ3+Nfh1Q==
=3Z5B
-----END PGP SIGNATURE-----

Reply to:

References:
- intrusion detection
  - From: David Bernier <david250@videotron.ca>
- Re: intrusion detection
  - From: Andrew Reid <reidac@bellatlantic.net>

Prev by Date: Re: how to start postgresql server at machine startup?
Next by Date: Sarge Repository Gone
Previous by thread: Re: intrusion detection
Next by thread: Re: intrusion detection
Index(es):
- Date
- Thread