Skip to main content

IDS, EDS...

More
21 years 10 months ago #452 by wrath_child
IDS, EDS... was created by wrath_child
What IDS (Intrusion detection software) and EDS (exploit detection software) is used and is recommended by forum members?

Thanks in advance
More
21 years 5 months ago #453 by James1830
Replied by James1830 on topic IDS, EDS...
I've had good luck with a product called "Snort". It has a nice web interface called "Acid" that makes quick checks a breeze.
More
21 years 2 months ago #817 by sahirh
Replied by sahirh on topic Re: IDS, EDS...
As a network based intrusion detection system, snort is considered the best
www.snort.org [i think]

As a host based IDS, I use tripwire for file integrity checking.

I'm not sure what an EDS is, could you elaborate or point out the difference..
Though I would recommend some tool that regularly scans logfiles, for example CERT has a tool that scans logs for traces that log cleanup tools leave -- an instant indication that you've got a problem. There are lots of automated log scanners out there for all platforms.

Sahir

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
More
21 years 2 months ago #826 by Manip
Replied by Manip on topic Re: IDS, EDS...
If you have a windows machine then BlackIce isn't bad..... Although snort isn't hard to setup, blackice is like setting up any other windows firewall (piss easy)
More
21 years 2 months ago #828 by tfs
Replied by tfs on topic Re: IDS, EDS...
Couldn't recommend one as I haven't used one myself. It mainly seems to deal with email security. The following link seems to be the same explanation of it. I looked at a couple of other links and they are the same article. GFI seems to be the main company that deals with it. How good it is I couldn't tell you.

www.gfi.com/mailsecurity/wpexploitengine.htm

Thanks,

Tom
More
21 years 2 months ago #944 by sahirh
Replied by sahirh on topic Re: IDS, EDS...
Blackice the firewall sucked pretty bad, in fact it even failed leaktest ( www.grc.com ) i don't know about blackice IDS and its capabilities. I know that sygate personal firewall has some rudimentary IDS capability.. it picks up on known attacks.

Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Time to create page: 0.134 seconds