Security Group wrote: > I am currently evaluating several host-based Intrusion Detection > Systems to monitor servers in a DMZ.
Which type of servers ? > OSSEC Which is a log-based IDS... > Open Source Tripwire This is a file alteration monitor... > IBM Proventia > Enterasys Dragon IDS/IPS Aren't these NIDS ? > Cisco Security Agent This is an anomaly-based HIDS... You are comparing apples, oranges, bananas and lemons together... this is not really productive. > I am thinking of suggesting OSSEC. Does anyone have any other suggestions? Maybe you should clarify with yourself what you are actually trying to do ;-) Stefano ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more. ------------------------------------------------------------------------
