Im sorry if this has been posted before. I tried to find a thread for this but came up empty handed. I am setting up a home network from which I plan to run a linux server eventually on a cable modem. I am working on this from the ground up. I am testing different software and different os's to learn their weaknesses and how to protect them. I read that what one really needs, not just a firewall or a virus scanner, is good intrusion detection software. I am wondering if anyone knows of a good one that is free, or any that are for that matter, so that I use them in my testing and learning. I appreciate your help. If there are no free ids's then what are some good ones to purchase? Thanks.
Hello. You can go to www.webattack.com they have over 2000 freeware shareware and adons. There is lots of up to date firewalls and virus snanners also and a lots of net work stuff. Have fun and good luck.
If you are ready for a commercial application, NFR rocks (and is cheaper and much more flexible/reliable than ISS).
June 21st, 2002, 02:25 AM
thanks for all your suggestions....I will check them out.
June 25th, 2002, 07:33 PM
snort will work fine on any *nix. It is definately the IDS to use.
You might find it a bit easier to install and configure on freebsd as I believe most of the development for it is done on freebsd.
July 13th, 2002, 10:24 PM
Yes Snort is it. You should also get DeMarc which is a cool graphical interface with SNORT. This is the free Linux version of DeMarc: http://linux.tucows.com/internet/preview/229406.html. They just came out with a windows version and are charging like $20000 for it!
July 16th, 2002, 07:02 AM
Originally posted here by TaoJones Yes Snort is it. You should also get DeMarc which is a cool graphical interface with SNORT. This is the free Linux version of DeMarc: http://linux.tucows.com/internet/preview/229406.html. They just came out with a windows version and are charging like $20000 for it!
not quite right, the professional edition costs loads yes, but the personal edition for windows is as free as the personal edition for *nix.
btw, puresecure is not only a nice graph interface for snort, it features logging to mysql, and displaying logs via a php website, plus having one central for multiple snort sensors, so it is using snort yes, yet add's some nice features on top of that ;)
the homepage for puresecure is http://www.demarc.com
after signing up for a free account, you can download the personal edition from this site