[CentOS] Intrusion Detection
bazy84 at gmail.com
Fri Mar 5 07:15:25 UTC 2010
On Fri, Mar 5, 2010 at 12:02 AM, Dan Burkland <dburklan at nmdp.org> wrote:
> Hello all,
> I have been exploring the various intrusion detection systems available for the Linux platform and was wondering what ones you all would recommend? I have used AIDE before and while it is extremely easy to setup, it does not support the ability to send alerts as files are changed (allows one to be aware of an intrusion almost immediately).
> Thank you,
> Dan Burkland
For auditing your entire network for patches / vulnerabilities I
recommend you use Nessus. For server protection you can use tripwire
and clamav. Clamav can detect and block most rootkits and exploit
code, therefor the attacker will not be able to execute it.
More information about the CentOS