[CentOS] Intrusion Detection

Fri Mar 5 20:23:09 UTC 2010
Dan Burkland <dburklan at NMDP.ORG>

> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
> Behalf Of Nux
> Sent: Friday, March 05, 2010 1:51 PM
> To: centos at centos.org
> Subject: Re: [CentOS] Intrusion Detection
> 
> On Thu, 4 Mar 2010, Dan Burkland wrote:
> 
> > Hello all,
> >
> > I have been exploring the various intrusion detection systems available
> for the Linux platform and was wondering what ones you all would
> recommend? I have used AIDE before and while it is extremely easy to
> setup, it does not support the ability to send alerts as files are changed
> (allows one to be aware of an intrusion almost immediately).
> >
> > Thank you,
> >
> > Dan Burkland
> >
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> >
> 
> Try OSSEC, seems nice.

Thank you all for your suggestions, I have been evaluating OSSEC so far and like it quite a bit. I just need to figure out how to get it to email me nightly reports of all modifications to the file system every night like I did with AIDE.