IDS, EDS...

What IDS (Intrusion detection software) and EDS (exploit detection software) is used and is recommended by forum members?

Thanks in advance

I've had good luck with a product called "Snort". It has a nice web interface called "Acid" that makes quick checks a breeze.

As a network based intrusion detection system, snort is considered the best
www.snort.org [i think]

As a host based IDS, I use tripwire for file integrity checking.

I'm not sure what an EDS is, could you elaborate or point out the difference..
Though I would recommend some tool that regularly scans logfiles, for example CERT has a tool that scans logs for traces that log cleanup tools leave -- an instant indication that you've got a problem. There are lots of automated log scanners out there for all platforms.

Sahir

If you have a windows machine then BlackIce isn't bad..... Although snort isn't hard to setup, blackice is like setting up any other windows firewall (piss easy)

Couldn't recommend one as I haven't used one myself. It mainly seems to deal with email security. The following link seems to be the same explanation of it. I looked at a couple of other links and they are the same article. GFI seems to be the main company that deals with it. How good it is I couldn't tell you.

www.gfi.com/mailsecurity/wpexploitengine.htm

Blackice the firewall sucked pretty bad, in fact it even failed leaktest ( www.grc.com ) i don't know about blackice IDS and its capabilities. I know that sygate personal firewall has some rudimentary IDS capability.. it picks up on known attacks.