Depends on what you want. On the low end, Tripwire & Swatch, for example, can act as a simple host-based intrusion detection system. TCPWrappers can be configured to be a simple network intrusion detection system. You probably want something more sophisticated, however. For Linux, there is LIDS (http://www.lids.org/) for host-based intrusion detection. This is a kernel-based system. Snort (http://www.snort.org/) is quite good for a network based intrusion detection system. I've not yet had time to try it, but Firestorm looks like it might have some promise as it evolves. See http://firestorm.geek-ware.co.uk/menu.php. There are a number of others. Try http://freshmeat.net/search/?q=intrusion+detection for a start. Ken Seefried, CISSP CTO - DigitalMoJo, Inc. -----Original Message----- From: Mark, Johnston [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 07, 2001 9:31 AM To: [EMAIL PROTECTED] Subject: IDS Can anyone recommend a freeware version of an IDS product ? Thanks Mark - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.] - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
