IDS for Ubuntu 14.04?
Anybody have experience with a good IDS for Ubuntu 14.04? I know @PJH mentioned one a while back, but Discourse search ...
Basically I have a pristine image for my server, all data writes (outside of OS logging) will be written to external data stores [or, more accurately, the VM will write to the host's shared folder]. I'd like to have some tools to analyze incoming/outgoing traffic, and prevent changes to the system from bad guys (or, more likely, stupid software auto updaters).
Not 100% sure I'll implement it into production servers, but I'd like to take a look at what's available and see if it would be worth installing.
I know @PJH mentioned one a while back, but Discourse search ...
OSSEC is the one I've deployed.