July 31st, 2003, 10:57 AM
Hey guys I found on the net a tool I didn't know about:
LIDS (Linux IDS): basicaly an File System IDS & integrity checker. http://www.lids.org/
Sound like a good tool does anyone have feedback about it?
[shadow] SHARING KNOWLEDGE[/shadow]
August 9th, 2003, 11:59 PM
Nice tool! I've used Snort (www.snort.org) for the longest time, and I think it's pretty much your best all around IDS system... HOWEVER, from what I've seen on their webpage, LIDS offers a whole lot!
I think one of the coolest features is actually the local security features, as opposed to the network security features that IDS systems usually limit themselves to. I'm going to install LIDS on my box and see what it can do.
August 11th, 2003, 08:24 AM
Installed... and been messing with it for a bit... I do like it, but I'd still take Snort over it :-/
August 11th, 2003, 10:40 AM
I'm a big fan of portsentry my self
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
August 11th, 2003, 10:42 AM
yeap! is a good tool.
maybe u wanna test Advanced Intrusion Detection Enviroment: http://www.cs.tut.fi/~rammer/aide.html
Is a nice tool too.
August 11th, 2003, 11:43 AM
There are basicly 2 types of IDSs. Host based and network based. LIDS is a host based IDS and Snort is a network based IDS. Therefor these 2 cannot be compared to each other as they both have a different 'field of view'.
Experience is something you don't get until just after you need it.