Showing posts from March 10, 2019

OSSEC - a free Intrusion Detection System

Some perspective...

(Q) What is a host-based intrusion detection system (HIDS)?
(A) A host-based intrusion detection system is an intrusion detection system that is capable of monitoring and analyzing the internals of a computing system as well as the network packets on its network interfaces.

(Q) Why do we need a HIDS and what are its uses?
(A) The agent, which is installed on our servers, communicates constantly with the master installed on another server. Any break-in attempt or software installation is communicated to the master and, based on the rules and alert levels defined, the master sends out email and SMS notifications to the relevant teams. All of this happens in real time.

(Q) Looks pretty standard, what else can this do?
(A) Depending on the installed product, a HIDS also has the feature of executing scripts on agents in case a server is unreachable because of a break-in. This architecture also supports multiple agents, giving the ability of aggregation and security event management (S...