I would definitely second SecurityOnion. And if you have the money,
the Emerging Threats etpro ruleset:
http://www.emergingthreats.net/solutions/etpro-ruleset/
Dallas
On Fri, 28 Feb 2014, Scott Roberts wrote:
Give Security Onion a go:
http://blog.securityonion.net/p/securityonion.html
It's
I’m currently testing out and so far happy with JumpCloud.com for a host-based
IDS (as well as auth and patch monitoring).
cjs
On Feb 28, 2014, at 11:44 AM, Paul Graydon wrote:
> From the host end, I've found OSSEC to be very useful. It takes a little
> tuning (as do most of these solution
From the host end, I've found OSSEC to be very useful. It takes a little
tuning (as do most of these solutions)
but I've found it does a great job. I've actually got it running on my own VPS
too.
On Fri, Feb 28, 2014 at 12:28:34PM -0500, Matt Disney wrote:
>There are a variety of factors
Ideally, we want both network-based and host-based IDS that we can feed
into our logging system that is also open source. We have a primarily
Fedora based network. The intent is to pass FISMA. So we have budget for
commercial options as well. I have heard good things about snort. We are
not that hi
Give Security Onion a go:
http://blog.securityonion.net/p/securityonion.html
It's a good way to familiarize yourself with an IDS without having to go
through the pains to install one from scratch.
On 2/28/14, 11:25 AM, "Ali Sajid Imami" wrote:
>At work, we have been tasked with setting us up
There are a variety of factors here. I assume you mean a network-based IDS,
rather than host-based, and that you want to do packet inspection.
Snort, suricata, and bro are popular open source options. I recommend
subscribing to some kind of threat feed to get new IDS rules from a vendor
or communi
At work, we have been tasked with setting us up for various security
certifications. One step is putting a good IDS in place. I was wondering if
people here had any good recommendations?
___
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/c