Favourite Linux IDS?
  • Xin
    Posts: 3,251
    I've used quite a few and I have to say my favourite is the CLI Snort, although I'm thinking of trying out the web-based version of it.
    Xin
  • Definitely Snort. Works perfectly.
  • Sh3llc0d3
    Posts: 1,910
    Agreed, Snort with BASE.

    EDIT: 1000th post :D
  • Xin
    Posts: 3,251
    said:


    Agreed, Snort with BASE.

    EDIT: 1000th post :D



    Wow, congrats! Didn't realise you had so many!
    Xin
  • Sh3llc0d3
    Posts: 1,910
    I think it's universally agreed that, for free, Snort is best :)
  • void
    Posts: 6
    Unquestionably Snort!
    You can configure it and integrate it with anything!
  • At our work we use Tofino Argon 20. We're also using the new OpenSec V2.0.0 BIND Service due to the extra protection it gives on buffer overflow detection. Snort, no doubt. What's really good is disabling all services and only allowing these ports:

    80
    + BIND port
    + Disable the mail service port and re-route your MX records to something such as Google's mail server

    + Adding a honeypot trap on all common ports is the best thing to do :)


    Here is a sample of one of my honeypot logs

    http://www.2shared.com/file/M9MxL2bP/honeypot.html


    NOTE: I wanted my lame skids to realize it was a honeypot.

    You'll know what I mean when you read the logs.
  • jincorn
    Posts: 2
    AlienVault

    Linux IDS :D