IDS Software
Leo Bicknell
bicknell at ufp.org
Sat Sep 8 02:26:14 UTC 2001
I'm starting a project for which I would like some quality IDS
software. IMHO this opens up a whole can of worms, and will probably
start a great discussion, but that's probably good on the whole.
First, the requirements. The IDS system must be:
* Free
* Run on FreeBSD, and/or maybe Linux.
* Allow both 'router' detection (where the host acts as a router)
and 'passive' (where the host is simply a sniffer on a lan).
* Have a reasonable configuration system to allow common false-positives
to be supressed.
At this point I know almost nothing about IDS systems, other than
that several companies make such products and charge huge fees for
them, and that there are a number of open-source products that have
no confirmed reputations.
Replies to the list are ok, as are private replies. Assuming I get
something good I will summarize private replies to the list.
--
Leo Bicknell - bicknell at ufp.org
Systems Engineer - Internetworking Engineer - CCIE 3440
Read TMBG List - tmbg-list-request at tmbg.org, www.tmbg.org
More information about the NANOG
mailing list