HIDS

Jeremy C. Reed plug-discuss@lists.plug.phoenix.az.us
Thu, 13 Feb 2003 23:01:08 -0800 (PST)


On Thu, 13 Feb 2003, Adrian Mink wrote:

> Thanks, but snort is a network intrusion detection system. I am looking for
> something host-based that will monitor logs, certain config files, etc.

(Sounds like FreeBSD's periodic security scripts.)

Have a look at swatch, logsurf, Xlogmaster, WOTS, log_analysis, LogDog
and/or logcheck for monitoring logs.

And use mtree to check metadata and other checksums and attributes of your
important files. (It is easier than tripwire.)

   Jeremy C. Reed

   http://www.pugetsoundtechnology.com/
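
The following is an added example, not part of the message above and not mtree itself: a small Python stand-in for the kind of check the reply recommends mtree for, recording metadata and checksums for a tree and later reporting what changed. The function names (`snapshot`, `compare`, `demo`) and the sample files are constructed for illustration.

```python
import hashlib
import os
import stat
import tempfile
from pathlib import Path

def snapshot(root):
    """Record type, mode, owner and (for regular files) size and SHA-256."""
    spec = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: describe a symlink itself, not its target
            entry = {"type": stat.S_IFMT(st.st_mode), "mode": oct(stat.S_IMODE(st.st_mode)),
                     "uid": st.st_uid, "gid": st.st_gid}
            if stat.S_ISREG(st.st_mode):
                entry["size"] = st.st_size
                with open(path, "rb") as fh:
                    entry["sha256"] = hashlib.sha256(fh.read()).hexdigest()
            spec[os.path.relpath(path, root)] = entry
    return spec

def compare(baseline, current):
    """Return (path, status, changed_fields) tuples, sorted by path."""
    findings = []
    for path in sorted(baseline.keys() | current.keys()):
        old, new = baseline.get(path), current.get(path)
        if new is None:
            findings.append((path, "missing", []))
        elif old is None:
            findings.append((path, "extra", []))
        else:
            fields = sorted(k for k in old.keys() | new.keys() if old.get(k) != new.get(k))
            if fields:
                findings.append((path, "changed", fields))
    return findings

def demo():
    """Constructed sample tree: take a baseline, alter the tree, verify."""
    with tempfile.TemporaryDirectory() as root:
        for name, text in [("sshd_config", "PermitRootLogin no\n"),
                           ("hosts", "127.0.0.1 localhost\n"), ("motd", "hi\n")]:
            Path(root, name).write_text(text)
            os.chmod(os.path.join(root, name), 0o644)
        baseline = snapshot(root)
        Path(root, "sshd_config").write_text("PermitRootLogin yes\n")  # content change
        os.chmod(os.path.join(root, "hosts"), 0o666)                   # permission change
        os.remove(os.path.join(root, "motd"))                          # deletion
        Path(root, "rc.local").touch()                                 # unexpected new file
        return compare(baseline, snapshot(root))
```

In real use the baseline has to be stored where the monitored host cannot rewrite it (read-only media or another machine), otherwise whoever alters the files can alter the baseline too.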