[CentOS] Intrusion Detection Systems

Wed Sep 26 20:17:55 UTC 2007
Mark D. Foster <mark at foster.cc>

John Hinton wrote:
> ...
> There does seem to be flexibility among these three systems in having
> the ability to monitor just about any log system and take action based
> on failed logins for instance.
> So, what's the word from the list? Pros, cons or other directions?
I've always been rather fond of labrea
(http://labrea.sourceforge.net/labrea-info.html) and portsentry
(http://sourceforge.net/projects/sentrytools/), you might give them a

Said one park ranger, 'There is considerable overlap between the 
 intelligence of the smartest bears and the dumbest tourists.'
Mark D. Foster, CISSP <mark at foster.cc>  http://mark.foster.cc/