Date: Wed, 3 May 2000 16:51:51 -0700 (PDT) From: "Jon O @ kc" <jono@microshaft.org> To: John.VanHouten@hurlburt.af.mil Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Question: Best IDS? Message-ID: <Pine.BSF.4.10.10005031542310.65791-100000@stuart.microshaft.org> In-Reply-To: <856532CB07BED3118FE300204840E28ACE4483@vexwncc02.hurlburt.af.mil>
next in thread | previous in thread | raw e-mail | index | archive | help
Dragon is a great IDS system. It uses a text based signature system so you can load up new sigs right after they are published or make your own. I use it on a very busy network and it works great. It runs faster on FreeBSD than anything else I've seen. You can use it in remote locations and send to a central server. Shouldn't you be using Shadow from the Navy ;)? http://www.network-defense.com/ Thanks, Jon http://www.networkcommnad.com No more Digital VooDoo. On Wed, 3 May 2000 John.VanHouten@hurlburt.af.mil wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi all.... > > I am really looking for opinions from this forum of individuals > regarding use of IDS (Intrusion Detection Systems) on a FBSD box. > Which application is best for this purpose? Both commercial and open > source? > > I presently run Tripwire daily, as well as a little perl script which > runs through /var/log/messages looking for 'odd' activity... and of > course the 'daily run' information FBSD provides, syslog, etc etc. > > I also run Nessus and SARA weekly on my machines - just to be sure. > > What I would like is a good IDS package, and I am sure each one of you > has their own idea of what is the best and why. > While this is not FreeBSD specific, I have always respected the > opinions of those that contribute to this list. If you think > something is hot, I am sure it is. > > Thanks in advance guys. > > Cheers! > > - --John > > > -----BEGIN PGP SIGNATURE----- > Version: PGPfreeware 6.0.2 for non-commercial use <http://www.pgp.com>; > > iQA/AwUBORCbD1ufg9eYiuqZEQLmWwCfebw/A9XwOITg2gebgOd3CqdV0PcAoOUs > o5NbtbkNdN2qik2sMDvFgwJ9 > =h/mL > -----END PGP SIGNATURE----- > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10005031542310.65791-100000>