IDS for ubuntu 14.04?

Matches

Anybody have experience with a good IDS for ubuntu 14.04? I know @PJH mentioned one a while back, but discourse search ...

Basically I have a pristine image for my server, all data writes (outside of OS logging) will be written to external data stores [or, more accurately, the VM will write to the hosts shared folder]. I'd like to have some tools to analyze incoming/outgoing traffic, and prevent changes to the system from bad guys (or, more likely, stupid software auto updaters)

Not 100% sure I'll implement it into production servers, but I'd like to take a look at what's available and see if it would be worth installing.

delfinom

This post is deleted!

PJH

@Matches said:

I know @PJH mentioned one a while back, but discourse search ...

OSSEC is the one I've deployed.

W2 Communications

OSSEC - World's Most Widely Used Host Intrusion Detection System - HIDS

OSSEC is a multiplatform, open source and free Host Intrusion Detection System (HIDS). You can tailor OSSEC for your security needs through its extensive configuration options, adding custom alert rules and writing scripts.