I am looking for a good Host-based IDS solution for Linux (one that inspects system calls, OS files, CPU usage etc.,,, network traffic inspection is not relevant for this case).
Since I am using it for research purposes I need it to give as an output not only alerts, but also some quantitative measure of the risk to the system (such as anomaly rate) .
Does anyone have an idea of an existing IDS (Maybe OSSEC will do the job)?
If not - do you have an idea how to build such an HIDS? (if you know one for windows that would also be good...)
Host-Based Ids For Linux
No replies to this topic
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users