From owner-freebsd-questions Thu Feb 7 2:49:33 2002 Delivered-To: freebsd-questions@freebsd.org Received: from post.mail.nl.demon.net (post-11.mail.nl.demon.net [194.159.73.21]) by hub.freebsd.org (Postfix) with ESMTP id E63F937B42A for ; Thu, 7 Feb 2002 02:49:28 -0800 (PST) Received: from [212.238.194.207] (helo=mailhost.raggedclown.net) by post.mail.nl.demon.net with esmtp (Exim 3.33 #1) id 16Ym7M-0003Hp-00 for freebsd-questions@freebsd.org; Thu, 07 Feb 2002 10:49:28 +0000 Received: from angel.raggedclown.net (angel.raggedclown.intra [192.168.1.7]) by mailhost.raggedclown.net (Ragged Clown Mail Gateway [buffy]) with ESMTP id 7047213040 for ; Thu, 7 Feb 2002 11:49:27 +0100 (CET) Received: by angel.raggedclown.net (Ragged Clown Host [angel], from userid 1001) id D4D5422590; Thu, 7 Feb 2002 11:49:26 +0100 (CET) Date: Thu, 7 Feb 2002 11:49:26 +0100 From: Cliff Sarginson To: freebsd-questions@freebsd.org Subject: Re: intrusion detection software... Message-ID: <20020207104926.GB8099@raggedclown.net> References: <20020207102656.68785.qmail@web20102.mail.yahoo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020207102656.68785.qmail@web20102.mail.yahoo.com> User-Agent: Mutt/1.3.27i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Feb 07, 2002 at 02:26:56AM -0800, Bsd Neophyte wrote: > > i was at a cisco security/vpn seminar today... and all the speakers > stressed how important it was to have "host-level" IDS... > > soooooo.... can anyone recommend a good IDS for my FreeBSD box? > "snort" is in the ports, my experience of it is pretty good, but that was under *another* OS, although it does seem to throw a tantrum occaionally and turn itself off. -- Regards Cliff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message