Mailinglist Archive: opensuse-security (564 mails)

< Previous Next >
Re: [suse-security] Intrusion detection?
Pakemon http://www.inas.mag.keio.ac.jp/ids/pakemon/index.html
Abacus Project http://www.psionic.com/abacus/
eye on exec http://www.cs.uni-potsdam.de/homepages/students/linuxer/ok.html
AAFID http://www.cerias.purdue.edu/projects/aafid/
goodies for/and snort http://www.whitehats.com/ids/index.html

[ ]'s bacano

----- Original Message -----
From: "Thomas Biege" <thomas@xxxxxxx>
To: "Stefan Hoffmeister" <suse.mailinglist@xxxxxxxxx>
Cc: <suse-security@xxxxxxxx>
Sent: Thursday, January 04, 2001 11:48 AM
Subject: Re: [suse-security] Intrusion detection?


> On Thu, 4 Jan 2001, Stefan Hoffmeister wrote:
>
> >
> > Hi,
> >
> > what are the recommended tools to add to a (dial-up) NAT gateway to
detect
> > attacks on that gateway?
> >
> > I am not (yet :->) looking for tools how to detect things after the deed
> > is done, but for some kind of an early warning system (and I am not
> > particularly interested in reading the raw logs emitted by ipchains).
> >
> > http://www.securityfocus.com/
> >
> > lists a couple of things, but this seems to be just an *unreviewed* long
> > list of tools, with rather unknown quality.
>
> try snort (www.snort.org) or packemon (???) for networkbased attacks.
> they are easy to fool, but they are available for free. :-\
>
> all open source hostbased IDS, that I know, suck.
>
>
>
> Bye,
> Thomas
> --
> Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
> E@mail: thomas@xxxxxxx Function: Security Support & Auditing
> "lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
> Key fingerprint = 09 48 F2 FD 81 F7 E7 98 6D C7 36 F1 96 6A 12 47
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
>
>


< Previous Next >
Follow Ups
References