[TriLUG] host intrusion detection for mere mortals?
Scott Chilcote
scottchilcote at ncrrbiz.com
Thu Sep 11 10:28:00 EDT 2014
On 09/10/2014 07:38 PM, Tom Roche wrote:
> summary: How reasonable is AIDE+ClamAV for an "anti-spyware" requirement? Alternatively, are there more functional HIDS with documentation sufficient for non-security-professionals, and which would not require major knowledge/maintenance/money/time investment?
>
Hi Tom,
My employer uses Tripwire <http://sourceforge.net/projects/tripwire/>
(the open source version) to satisfy one of our customers' requirements
for a server IDS. I've installed it many times when configuring and
testing RHEL, and the process is straightforward.
Unfortunately it is distributed as RPM and tarball, so if you need a
Debian package it may not work. You may be able to convert it using
Alien. The commercial version(s) may be built for Debian; I haven't
checked.
Scott C.
--
Scott Chilcote
scottchilcote at ncrrbiz.com
Cary, NC USA