Host-based Ids

PCWorld Forums: Host-based Ids - PCWorld Forums

Page 1 of 1

You cannot start a new topic
You cannot reply to this topic

Host-based Ids

#1 Caramel2

Newbie

Group: New Member
Posts: 1
Joined: 01-June 12

Posted 01 June 2012 - 06:15 AM

Hi,

I am looking for a good Host-based IDS solution for Linux (one that inspects system calls, OS files, CPU usage etc.,,, network traffic inspection is not relevant for this case).

Since I am using it for research purposes I need it to give as an output not only alerts, but also some quantitative measure of the risk to the system (such as anomaly rate) .

Does anyone have an idea of an existing IDS (Maybe OSSEC will do the job)?

If not - do you have an idea how to build such an HIDS? (if you know one for windows that would also be good...)

Thanks