July 31st, 2003 09:57 AM
Hey guys I found on the net a tool I didn't know about:
LIDS (Linux IDS): basicaly an File System IDS & integrity checker. http://www.lids.org/
Sound like a good tool does anyone have feedback about it?
[shadow] SHARING KNOWLEDGE[/shadow]
August 9th, 2003 10:59 PM
Nice tool! I've used Snort (www.snort.org) for the longest time, and I think it's pretty much your best all around IDS system... HOWEVER, from what I've seen on their webpage, LIDS offers a whole lot!
I think one of the coolest features is actually the local security features, as opposed to the network security features that IDS systems usually limit themselves to. I'm going to install LIDS on my box and see what it can do.
August 11th, 2003 07:24 AM
Installed... and been messing with it for a bit... I do like it, but I'd still take Snort over it :-/
August 11th, 2003 09:40 AM
I'm a big fan of portsentry my self
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
August 11th, 2003 09:42 AM
yeap! is a good tool.
maybe u wanna test Advanced Intrusion Detection Enviroment: http://www.cs.tut.fi/~rammer/aide.html
Is a nice tool too.
August 11th, 2003 10:43 AM
There are basicly 2 types of IDSs. Host based and network based. LIDS is a host based IDS and Snort is a network based IDS. Therefor these 2 cannot be compared to each other as they both have a different 'field of view'.
Experience is something you don't get until just after you need it.