[unisog] Host Based IDS

Russell Fulton r.fulton at auckland.ac.nz
Tue May 10 21:39:42 GMT 2005


On Tue, 2005-05-10 at 10:27 +0100, Steven Tonge wrote:
> We are looking to install a host-based IDS on the Linux machines on our
> network (~150 machines). We currently use the Academic release of
> Tripwire but are looking to move to a more client/server based model.
> 
> The two packages that have come to my attention are Samhain and Osiris.
> Does anyone have any opinion on these or any other suggestions.

we have looked at samhain/beltane and got as far as doing proof of
concept installation on small scale.  We want to deploy it widely but
are fighting the battle against new projects which produce visible
results.  Things like deploying host based IDS are invisible and while
everyone agrees that they are a good idea we are struggling to find the
resources to deploy them widely.

Russell.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2201 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20050511/a598b818/smime.bin


More information about the unisog mailing list