Date: Wed, 21 Jun 2000 02:37:29 +0530 From: Chirag Kantharia <chyrag@slashetc.net> To: "J. Goodleaf" <goodleaf@goodleaf.net> Cc: questions@FreeBSD.ORG Subject: Re: Advice on intrusion detection Message-ID: <20000621023729.A32055@slashetc.net> In-Reply-To: <Pine.BSF.4.21.0006201334310.22397-100000@clyde.goodleaf.net> References: <Pine.BSF.4.21.0006201334310.22397-100000@clyde.goodleaf.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jun 20, 2000 at 01:36:20PM -0700, J. Goodleaf wrote: | Just polling for suggestions on favorite intrusion detection | systems. There are several ports that could be useful--in particular I | head good things about snort--but I thought I'd troll before diving right | in. Portsentry is good one but it will keep track of ports being abused (first level of security breach). if you want to detect second (where the intruder logs onto the system) and third level of security breaches (where the intruder is able to get a priveleged account) and take appropriate action, then you should check out HostSentry. Both portsentry and hostsentry are developed by Psionic software (http://www.psionic.com) and are great tools. chyrag. -- Chirag Kantharia <chyrag@slashetc.net> http://slashetc.net/chyrag/ GCS/IT d- s-:->: a? C++++$ UBLS++++$ P++++(++)$ L++ E- W++ N--@ K--- w--- M->-- PE++ PGP->+ R* b+ DI+ D+ G++ e++ h* r-- !z+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000621023729.A32055>