Type: Posts; User: bodhi.zazen; Keyword(s):

  1. Sticky: [all variants] Re: Host-based Intrusion Detection Systems (HIDS)

    Clamav

    - A brief word about virus / spyware scanners -

    In Linux there are no known active viruses, and use cases for antivirus scanners include:

    1. If you are running a file server (mail...
  2. Sticky: [all variants] Re: Host-based Intrusion Detection Systems (HIDS)

    Rkhunter

    rkhunter is the next most common HIDS tool. This tool is command line only and the output is to the terminal and a log file.

    Home page: http://rkhunter.sourceforge.net/

    rkhunter...
  3. Sticky: [all variants] Re: Host-based Intrusion Detection Systems (HIDS)

    Chkrootkit

    chkrootkit is a HIDS tool that scans your computer for possible rootkits. It is one of the most popular rootkit scanners on these forums.

    Home page: http://www.chkrootkit.org/
    ...
  4. Sticky: [all variants] Re: Host-based Intrusion Detection Systems (HIDS)

    Tiger

    Tiger is my next favorite HIDS tool as it performs a security audit as well as several security checks including John the Ripper (checks for weak passwords), scanning your system for...
  5. Sticky: [all variants] Re: Host-based Intrusion Detection Systems (HIDS)

    Alternates to OSSEC / OpenVAS

    OSSEC / OpenVAS not your cup of tea? You could consider one of these alternates:

    Bastille - Ubuntu Wiki Bastille. Take care, Bastille can lock you out of your...
  6. Sticky: [all variants] Re: Host-based Intrusion Detection Systems (HIDS)

    OpenVAS

    OpenVAS (Open Vulnerability Assessment System) is, as the name implies, used for vulnerability testing rather than a method of monitoring your host for changes.

    OpenVAS is feature...
  7. Sticky: [all variants] Re: Host-based Intrusion Detection Systems (HIDS)

    OSSEC

    Advantages of OSSEC:

    1. Open source (yea).

    2. OSSEC monitors integrity of system and log files.
  8. Sticky: [all variants] Re: Host-based Intrusion Detection Systems (HIDS)

    First steps


    There is a nice review of the issues with HIDS here. It was written in 2004, but the basic principles still apply.

    IMO the foundation of HIDS is with understanding how your OS...
  9. Sticky: [all variants] Host-based Intrusion Detection Systems (HIDS)

    Host-based Intrusion Detection Systems (HIDS)

    Intrusion detection can be divided into three broad categories: NIDS, HIDS, and vulnerability scans. In this post I will review several options for...