[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IDS Systems

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: IDS Systems
From: Toni Mueller <openbsd-misc_(_at_)_oeko_(_dot_)_net>
Date: Thu, 5 Oct 2000 15:32:34 +0200
Reply-to: openbsd-misc_(_at_)_oeko_(_dot_)_net

Hello,

On Thu, Oct 05, 2000 at 12:51:00PM +0200, Jan Muenther wrote:
> with your host's files. Tripwire does this kind of stuff nicely,
> but it only comes as a binary, so I don't use it.

Tripwire once was a liberally distributed program, but now is
under strict commercial licensing in a similar way than is ssh.

> You could use stuff like Aide, or just build something with MD5

I don't know Aide, but in general I'd suggest using SHA1 because
MD5 is known to be breakable (and I don't think it's significantly
more expensive to do it right).

> detects attacks on a base of signature rules.  The best thing
> I've found is snort (www.snort.org). It's excellent. Use it. ;o))

Hmm. If not sticking to open source packages, could someone please
comment on how snort stacks up against nfr?

Best Regards,
--Toni++

Prev by Date: Re: PPPoE problems
Next by Date: Re: PPPoE problems
Previous by thread: (no subject)
Next by thread: Re: IDS Systems
Index(es):
- Date
- Thread

Visit your host, monkey.org