Reyk Floeter wrote:
hi,
On Tue, Mar 21, 2006 at 02:50:35PM -0300, Hutger H. wrote:
I've been looking for a consolidated IDS solution that I can deploy in
my network. Snort is really a good option but currently it seems that
they are charging for updates, it that true? I'd like to find out a free
of charge Linux, or BSD, solution that can works as good as snort works
and, rather with some successful deployment cases.
an alternative approach to snort is bro, which uses a bsd-style license.
http://www.bsd-ids.org/
Are you sure about it? Domain not found.
the c++ code is a bit ugly, but the system is very powerful, supports
snort rules and is also supported by most of the hybrid IDS frameworks
(like prelude-ids). bro claims that their own context-based rule
language is even more powerful than the snort stuff.
reyk
