hi,

On Tue, Mar 21, 2006 at 02:50:35PM -0300, Hutger H. wrote:
> I've been looking for a consolidated IDS solution that I can deploy in
> my network. Snort is really a good option but currently it seems that
> they are charging for updates, is that true? I'd like to find out a free
> of charge Linux, or BSD, solution that can work as good as snort works
> and, rather with some successful deployment cases.
>

an alternative approach to snort is bro, which uses a bsd-style license.

http://www.bsd-ids.org/

the c++ code is a bit ugly, but the system is very powerful, supports
snort rules and is also supported by most of the hybrid IDS frameworks
(like prelude-ids). bro claims that their own context-based rule
language is even more powerful than the snort stuff.

reyk

--
/* .vantronix|secure systems - (research & development)
 * reyk floeter - friendly known free software engineer
 * [EMAIL PROTECTED] - http://team.vantronix.net/reyk/
 */