Try Demarc (demarc.com)
It uses snort and has a sweet frontend for analysis and reporting.
Much better than ACID.

Jay

> -----Original Message-----
> From: Joel T Schneider [mailto:jts at tc.umn.edu]
> Sent: Monday, February 04, 2002 5:22 PM
> To: tclug-list at mn-linux.org
> Subject: Re: [TCLUG] intrusion detector
>
>
> On Mon, 4 Feb 2002 Raymond Norton wrote:
> > Message: 10
> > From: "Raymond Norton" <ray at lctn.k12.mn.us>
> > To: <tclug-list at mn-linux.org>
> > Date: Mon, 4 Feb 2002 14:52:55 -0600
> > Reply-To: tclug-list at mn-linux.org
> >
> > A while back someone posted a link to a nice intrusion detector
> > program. It had a web interface which displayed attempts, types of
> > attacks, and specifically had a screen shot showing nimda attacks.
> > Anyone know where I can find it?
>
> Among IDS software packages, many people seem to prefer snort:
> http://www.snort.org/
>
> If you store the snort output in a database, ACID can generate nice
> reports for you (better not to run httpd or other services on IDS
> machine, though):
> http://acidlab.sourceforge.net/
>
> Snortsnarf is another tool for analyzing snort output:
> http://www.silicondefense.com/software/snortsnarf/
>
> Other links of potential interest:
> http://www.prelude-ids.org/
> http://www.tripwire.org/
> http://www.lids.org/
> http://www.psionic.com/
> http://www.freshmeat.net/projects/swatch/
> http://www.bastille-linux.org/
> http://www.cisecurity.org/bench.html
> http://www.nessus.org/
> http://www.iss.net/
> http://www.webtrends.com/
> http://www.net.tamu.edu/network/tools/tiger.html
> http://www.intersectalliance.com/projects/Snare/index.html
> http://www.resentment.org/projects/viperdb/
> http://www.chkrootkit.org/
> http://www.immunix.org/
> http://www.securityfocus.com/
> http://www.sans.org/
> http://www.linuxsecurity.org/
>
> (Note that I do not presently consider myself a security expert - most
> of the above links were gleaned from security related conference
> sessions at the recent LWCE - http://www.linuxworldexpo.com/)
>
> Joel

_______________________________________________
Twin Cities Linux Users Group Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org
tclug-list at mn-linux.org
https://mailman.mn-linux.org/mailman/listinfo/tclug-list