[Snort-users] Intrusion S/W detection tools?

John_Delisle at ...1523... John_Delisle at ...1523...
Wed Mar 21 11:43:03 EST 2001


Take a look at Tripwire, it's free for Linux.

It will watch all files on your box and tell you if they change. (ie
someone added/removed/changed something).  It's a great product.

John Delisle
Corporate Technology
Ceridian Canada Ltd
204-975-5909


                                                                                                                                   
                    SWilcoxon at ...1386...                                                                                           
                    Sent by:                             To:     snort-users at lists.sourceforge.net                                 
                    snort-users-admin at ...635...        cc:                                                                       
                    eforge.net                           Subject:     [Snort-users] Intrusion S/W detection tools?                 
                                                                                                                                   
                                                                                                                                   
                    2001/03/21 09:33 AM                                                                                            
                                                                                                                                   
                                                                                                                                   




A little off the subject, but I feel it's related to IDS in general so this
could be a helpful group.

Are there any Open or Closed source tools for detecting that intruders have
installed compromised tools, backdoors, etc on a Linux system? I know that
many Virus Scanners can do this for files that are considered in that
category by the developers, but do they really cover the other tools a
Hacker may install on a System?

No, I'm not trying to sanitize a system. I was just thinking that would be
a
good tool for people who may not have taken the proper safeguards for
detecting binaries changing or files being added.

S.W.
swilcoxon at ...1386...

_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users








More information about the Snort-users mailing list