OK - This is not TECHNICALLY a "testing" question. It is, however, a "security" question that may lead to a testing question.
We have need for a client-server intrusion detection package capable of running on linux. Our scenario is essentially needing an agent running on linux clients that can be monitored from a linux server.
We are currently looking at Snare. This does the job but is "price prohibitive" and there is "some" push-back from management on the cost.
Re: Intrusion Detection for Linux-based Client/Server
Thanks guys -
I had suggested the OWASP site originally and it seems there was some information, but... and as I'm rather low on the food chain for such things here (choosing solutions) and I think the Lords of IT may be investigating some options.
Otherwise, the Lords of IT had tried exactly that setup with Tripwire and Nagios, Troy. They ran across something that they were uncomforatable with and the auditors screamed over.
So, we'll see what they come up with... Hope they have a solution before we're scheduled to start testing. [img]/images/graemlins/wink.gif[/img]