Government Security
Network Security Resources

Jump to content

Photo

Host-Based Ids


  • Please log in to reply
1 reply to this topic

#1 Caramel2

Caramel2

    Private

  • Members
  • 3 posts

Posted 01 June 2012 - 06:56 AM


Hi,


I am looking for a good Host-based IDS solution for Linux (one that inspects system calls, OS files, CPU usage etc.,,, network traffic inspection is not relevant for this case).


Since I am using it for research purposes I need it to give as an output not only alerts, but also some quantitative measure of the risk to the system (such as anomaly rate) .


Does anyone have an idea of an existing IDS (Maybe OSSEC will do the job)?


If not - do you have an idea how to build such an HIDS? (if you know one for windows that would also be good...)


Thanks


#2 winsoc

winsoc

    Private First Class

  • Members
  • 29 posts

Posted 22 July 2012 - 02:10 PM

The open source version of Tripwire is your friend here.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users