
IDS – Intrusion Detection Systems

An IDS (Intrusion Detection System) tracks unplanned changes to a system. It is often used on sensitive machines where unauthorized access is strictly prohibited, but it can also act as a fool-proof safeguard, more like a monitoring system.

It works by checksumming each file or understanding its format, and scrutinizing any suspect change to files. It is of course meant to report any abnormal activity.

There are many, many such tools, with various capabilities, for UNIX systems.

LIDS is such a system for GNU/Linux; it needs a kernel patch to work


Logcheck is a log analyser

Logsurfer is also a log analyser

fcheck can be used to monitor changes to any given filesystem

The Analysis Console for Intrusion Databases (ACID) is a PHP-based analysis engine to search and process a database of security events generated by various IDSes, firewalls, and network monitoring tools

Prelude Hybrid IDS is an innovative Hybrid Intrusion Detection system designed to be very modular, distributed, rock solid and fast

MIDAS is a cross platform Monitoring and NIDS server. The goal of this project is to build a robust and complete network/system monitoring suite that is capable of scaling to very large networks.

Tripwire can be used to monitor changes to any given set of files or directories

chkrootkit identifies whether the target computer is infected with a rootkit

This article was first written in October 2003 for the BeezNest technical website (http://glasnost.beeznest.org/articles/87)