AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker. It creates a database from the regular expression rules that it finds in the config file(s). Once this database is initialized, it can be used to verify the integrity of the files. It has several message digest algorithms (see below) that are used …
Category: Intrusion Detection Systems (IDS)
Permanent link to this article: https://www.darknessgate.com/2015/03/31/aide-advanced-intrusion-detection-environment-2/
OSSEC
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows. Check out OSSEC features and how it works for more information about how OSSEC can help you solve your host-based …
Permanent link to this article: https://www.darknessgate.com/2015/03/07/ossec/
Sguil
Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil’s main component is an intuitive GUI that provides access to realtime events, session data, and raw packet captures. Sguil facilitates the practice of Network Security Monitoring and event-driven analysis. The Sguil client is written in Tcl/Tk and can be run …
Permanent link to this article: https://www.darknessgate.com/2015/03/06/sguil/
Snort 2.9.7.0
Open-Source IDS/IPS Download Snort
Permanent link to this article: https://www.darknessgate.com/2015/03/04/snort-2-9-7-0/
SAMHAIN file integrity / host-based intrusion detection system
The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain has been designed to monitor multiple hosts with potentially different operating systems, providing centralized logging and maintenance, although it can also be used as standalone …
Permanent link to this article: https://www.darknessgate.com/2012/05/24/samhain-file-integrity-host-based-intrusion-detection-system/
AIDE (Advanced Intrusion Detection Environment)
AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker. It creates a database from the regular expression rules that it finds in the config file(s). Once this database is initialized, it can be used to verify the integrity of the files. It has several message digest algorithms (see below) that are used …
Permanent link to this article: https://www.darknessgate.com/2012/05/24/aide-advanced-intrusion-detection-environment/