Operating System - HP-UX
1823913 Members
3326 Online
109667 Solutions
New Discussion юеВ

Re: Intrusion Detection? File Monitoring software?

 
Michael Gretton
Frequent Advisor

Intrusion Detection? File Monitoring software?

Anyone know of any software (except Tripwire) that will monitor key directories/files for modification, deletion/creation? What about a better auditing system than the one built into HP?

I find tripwire frustrating and I am looking for options.

Thanks!

Mike
4 REPLIES 4
harry d brown jr
Honored Contributor

Re: Intrusion Detection? File Monitoring software?

You could look into Axent's (symantec)ITA software, but you won't find it less fustrating, as it is a pig.

http://enterprisesecurity.symantec.com/content/productlink.cfm

Live Free or Die
Rainer von Bongartz
Honored Contributor

Re: Intrusion Detection? File Monitoring software?

Go for HP' Praesidium IDS/9000
intrusion detection.

you can download it for free from software.hp.com


Regards
Rainer
He's a real UNIX Man, sitting in his UNIX LAN making all his UNIX plans for nobody ...
Bernie Vande Griend
Respected Contributor

Re: Intrusion Detection? File Monitoring software?

I too am looking into the same thing. Tripwire is OK for us, but getting quite spendy. I have not used any of these, but here are some options:

Veracity:
http://www.veracity.com/

AIDE: (Basically a free replacement for Tripwire, not sure if available for HP-UX):
http://www.cs.tut.fi/~rammer/aide.html

HP's IDS (free for HP-UX)

Fcheck (a freeware script, probably not what you want):
http://www.geocities.com/fcheck2000/fcheck.html

Intact: (not sure about HP-UX support)
http://www.pedestalsoftware.com/intact/index.htm

Integrit: (freeware)
http://integrit.sourceforge.net/

Samhain: (opensource, looks interesting)
http://la-samhna.de/samhain/

There are many others, but most of them are a side aspect of a larger security product such as CA's Access Control, Power Broker, etc.
Ye who thinks he has a lot to say, probably shouldn't.
Bill McNAMARA_1
Honored Contributor

Re: Intrusion Detection? File Monitoring software?

Use swverify OS-Core
as a crude one!

Later,
Bill "It works for me"
It works for me (tm)