On Mon, May 2, 2022 at 11:36 AM Sylvain <sseche...@free.fr> wrote: > > Hello everyone ! > > I unsuccessfully tried Tripwire, Aide, Integrit and now OSSEC and OSSEC+. > > All these softs throw errors while running or compiling on my Debian 11.3... > > So can you tell me if there is another free HostBase Intrusion Detection > System.
Would definitely be good to know more detail on the issues you're encountering with a pretty broad spectrum of tooling here. I also recommend you take a look at osquery: https://osquery.io/ I'd also recommend a look at Wazuh as others have mentioned. Another suggestion in the thread: > Did you try Suricata? This isn't HIDS, it's NIDS (network), but it's valuable nonetheless. It's best deployed on a network perimeter or similar segment level to protect multiple hosts. Particularly when running larger size rulesets, memory consumption can be significant, so it may not be suited for protecting each individual host in a fleet. -- Darren Spruell phatbuck...@gmail.com
