- Posted on
- Dedicated intrusion detection system
- Rick DeBay
March 20, 2006, 3:22 pm
dedicated intrusion detection system.
I want it to boot a hardened distro from a CD, and then probe all our production
servers' ports and scan the hard drives with programs like Aide and Samhain. It
will compare against a read-only database on the second CD drive.
I'm sure a setup like this must have been created hundreds of times already, so
I'm hoping someone can point me to some resources.
Thanks, Rick DeBay
Re: Dedicated intrusion detection system
Have you considered using Snort?
Depending on which modes you run it in, Snort can sniff (and log) packets
and analyze traffic to detect many types of active attacks. If you are
setting up a dedicated intrusion detection system I would suggest using a
different operating system than your main server, so there is some
diversity, e.g. if one is Linux, maybe run FreeBSD on the other.
Software design for Windows and Linux/Unix-like systems
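The baseline comparison described in the original question (scan the files, then compare against a database kept on read-only media), as an added example that is not part of the thread and is not how Aide or Samhain store their databases. The function names `snapshot`, `compare` and `demo`, the JSON baseline format and the sample file tree are all assumptions made for illustration.

```python
import hashlib, json, os, stat, tempfile

def snapshot(root):
    """Map relative path -> {sha256, mode, size} for each regular file under root."""
    result = {}
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # symlinks, devices and sockets are not hashed here
            digest = hashlib.sha256()
            with open(path, "rb") as f:
                for chunk in iter(lambda: f.read(65536), b""):
                    digest.update(chunk)
            result[os.path.relpath(path, root)] = {
                "sha256": digest.hexdigest(),
                "mode": stat.S_IMODE(st.st_mode),
                "size": st.st_size,
            }
    return result

def compare(baseline, current):
    """Report paths added, removed or changed (content or mode) since the baseline."""
    both = set(baseline) & set(current)
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": sorted(p for p in both if baseline[p] != current[p]),
    }

def _put(root, rel, data, mode):
    path = os.path.join(root, rel)
    with open(path, "wb") as f:
        f.write(data)
    os.chmod(path, mode)

def demo():
    """Constructed sample tree: record a baseline, alter files, re-scan, compare."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "bin"))
        _put(root, "bin/login", b"original", 0o755)
        _put(root, "passwd", b"root:x:0:0", 0o644)
        # Serialised once; in the setup above this file would live on the read-only disc.
        baseline = json.loads(json.dumps(snapshot(root)))
        _put(root, "bin/login", b"replaced", 0o755)   # same size, different content
        _put(root, "passwd", b"root:x:0:0", 0o666)    # permissions loosened only
        _put(root, "bin/.hidden", b"new", 0o644)      # file not in the baseline
        return compare(baseline, snapshot(root))
```

Because the scan runs from separately booted media and the baseline cannot be rewritten, a change on a production server cannot also update the record it is checked against.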