IDS for ubuntu 14.04?



  • Anybody have experience with a good IDS for ubuntu 14.04? I know @PJH mentioned one a while back, but discourse search ...

    Basically I have a pristine image for my server, all data writes (outside of OS logging) will be written to external data stores [or, more accurately, the VM will write to the hosts shared folder]. I'd like to have some tools to analyze incoming/outgoing traffic, and prevent changes to the system from bad guys (or, more likely, stupid software auto updaters)

    Not 100% sure I'll implement it into production servers, but I'd like to take a look at what's available and see if it would be worth installing.



  • This post is deleted!


  • @Matches said:

    I know @PJH mentioned one a while back, but discourse search ...

    OSSEC is the one I've deployed.

    http://www.ossec.net/


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.