Difference between revisions of "IDS"
From NetSec
MargeryLeddy (Talk | contribs) |
GertieUbpgdd (Talk | contribs) |
(2 intermediate revisions by one other user not shown) | |||
Line 15: | Line 15: | ||
[http://www.la-samhna.de/samhain/ Samhain] [[HIDS]] | [http://www.la-samhna.de/samhain/ Samhain] [[HIDS]] | ||
− | Samhain - A file integrity checking | + | Samhain - A file integrity checking application similar to OSSEC |
[http://nepenthes.carnivore.it/Nepenthes Nepenthes] [[HIDS]] | [http://nepenthes.carnivore.it/Nepenthes Nepenthes] [[HIDS]] | ||
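Review bot: The added Samhain description ends without a period, while the HoneyD entry a few lines further down ends with one; add the period so the tool entries are punctuated consistently. "similar to OSSEC" also leaves the basis of the comparison implicit, so consider stating what the two tools have in common in the same sentence.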
Line 23: | Line 23: | ||
HoneyD - A tool for collecting malware and tricking attackers into thinking they've performed a successful attack. | HoneyD - A tool for collecting malware and tricking attackers into thinking they've performed a successful attack. | ||
− | + | {{countermeasures}} |
Latest revision as of 01:00, 16 May 2012
Intrusion Detection Systems
IDS are used to detect attacks aimed at a network or host. See Also: IPS, NIDS, and HIDS.
Tools:
Cisco IDS - A network layer intrusion detection system based on tcpdump with signature support.
Snort - A network layer intrusion detection system based on libpcap with signature support and preprocessor support.
OSSEC - A host-based intrusion detection system that utilizes log analysis combined with integrity checksums and rootkit detection engines.
Samhain - A file integrity checking application similar to OSSEC.
Nepenthes - A malware connection utility similar to HoneyD.
HoneyD - A tool for collecting malware and tricking attackers into thinking they've performed a successful attack.
IDS is part of a series on countermeasures.