Modern open source NIDS/HIDS and consoles?
Posted by MattC on Server Fault
Published on 2009-10-22T14:24:27Z
Indexed on 2011/01/11 17:56 UTC
Years back we set up an IDS solution by placing a tap in front of our exterior firewall, piping all the traffic on our DS1 through an IDS box and then sending the results off to a logging server running ACiD. This was around 2005-ish. I've been asked to revamp the solution and expand on it, and looking around, I see that the last release of ACiD was from 2003 and I can't seem to find anything else that seems even remotely up-to-date. While these things may be feature complete, I worry about library conflicts, etc. Can anyone give me suggestions for a Linux/OpenBSD-based solution using somewhat modern tools?
Just to be clear, I know that Snort is still actively developed. I guess I'm more in the market for a modern open-source web console to consolidate the data. Of course, if people have great experiences with IDSes other than Snort, I'm happy to hear about it.
© Server Fault or respective owner