| Thread ID: 16081 | 2002-02-26 01:52:00 | What NIDS for Linux should I get? | Guest (0) |
| Post ID | Timestamp | Content | User |
| 37089 | 2002-02-26 01:52:00 | (Network Intrusion Detection Systems) I have been looking for a NIDS and don't know much about the Linux ones available. I have looked at Snort but have not tried it out, is that a good one? Also I was looking at Firestorm but that is in early development. Is there one that you can recommend? I just want to know what goes on when I am on the net. | Guest (0) |
| 37090 | 2002-02-26 05:34:00 | Have a look at the logfiles which your system is producing. They all live in /var/logs. You want to keep an eye on them anyway because they grow. If you want to see a lot of information, run 'tcpdump' in a terminal window. It has lots of options ... 'man tcpdump'. | Guest (0) |
| 37091 | 2002-02-26 23:05:00 | snort has a good reputation. Any reason for NIDS rather than HIDS? | Guest (0) |
| 37092 | 2002-02-26 23:12:00 | snort has a good reputation. Any reason for NIDS rather than HIDS? | Guest (0) |
| 37093 | 2002-02-27 21:02:00 | I am not familiar with the term HIDS. Is that Hardware IDS? I just want to keep a log of all the activity that goes on. When I am on Windows I run ZA and I got my mate to do a full scan on me and he found TCP port 5000 open which later turned out to be UPnP. I just want something to log the scan when I ask him to do another one on me on Linux this time. That way I can see which ports were left open and I can compare it with his scan log. | Guest (0) |
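
The comparison asked for in post 37093, as an added example that is not part of the original thread: it reads lines in the format `tcpdump -n` prints for TCP over IPv4, reports which local ports a scanning host probed and which ones answered with SYN-ACK, and diffs that against the scanner's own report. The function names, the threshold, and all addresses, ports and capture lines are constructed for illustration.

```python
import re
from collections import defaultdict

# TCP-over-IPv4 lines as printed by `tcpdump -n`: src.port > dst.port: Flags [..]
LINE = re.compile(r"IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+): Flags \[([^\]]*)\]")

def summarize_scans(lines, local_ip, min_ports=5):
    """Return {remote_ip: {"probed": set, "open": set}} for every remote host
    that sent bare SYNs to at least min_ports distinct ports on local_ip."""
    probed, answered = defaultdict(set), defaultdict(set)
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        src, sport, dst, dport, flags = m.groups()
        if dst == local_ip and flags == "S":       # inbound connection attempt
            probed[src].add(int(dport))
        elif src == local_ip and flags == "S.":    # we answered SYN-ACK: port is open
            answered[dst].add(int(sport))
    return {ip: {"probed": ports, "open": answered[ip] & ports}
            for ip, ports in probed.items() if len(ports) >= min_ports}

def compare_with_report(open_seen, open_reported):
    """Ports open only in our capture, and ports open only in the scanner's report."""
    return sorted(open_seen - open_reported), sorted(open_reported - open_seen)

def build_sample():
    """Constructed capture: one host sweeps six ports, another makes one connection."""
    lines = []
    for i, port in enumerate([21, 22, 23, 25, 80, 5000]):
        reply = "S." if port in (22, 5000) else "R."   # 22 and 5000 listen, the rest reset
        lines.append(f"12:00:0{i}.000100 IP 192.0.2.10.4000{i} > 198.51.100.5.{port}: "
                     "Flags [S], seq 1000, win 1024, length 0")
        lines.append(f"12:00:0{i}.000200 IP 198.51.100.5.{port} > 192.0.2.10.4000{i}: "
                     f"Flags [{reply}], seq 0, ack 1001, win 0, length 0")
    lines.append("12:00:09.000100 IP 192.0.2.77.51000 > 198.51.100.5.80: "
                 "Flags [S], seq 5, win 65535, length 0")
    return lines

if __name__ == "__main__":
    for ip, r in summarize_scans(build_sample(), "198.51.100.5").items():
        print(ip, "probed", sorted(r["probed"]), "open", sorted(r["open"]))
        # Constructed stand-in for the ports the scanning side reported as open
        print(compare_with_report(r["open"], {5000}))
```

A port that shows up only on the capture side of the comparison is one the scanner missed or did not report; a port only in the scanner's report points to a gap in the capture.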