Revision as of 23:22, 11 August 2024 by 66.41.189.188 (section: Free and open-source software)
Latest revision as of 23:23, 11 August 2024 by 66.41.189.188 (section: Free and open-source software)
Line 42:
Line 42:
| {{yes}}<ref>{{cite web |url=http://packages.ubuntu.com/search?keywords=samhain |title=Samhain |publisher=Ubuntu |accessdate=2017-04-19 }} Samhain in the Ubuntu Repositories</ref>
| {{yes}}<ref>{{cite web |url=http://packages.ubuntu.com/search?keywords=samhain |title=Samhain |publisher=Ubuntu |accessdate=2017-04-19 }} Samhain in the Ubuntu Repositories</ref>
| {{no}}
| {{no}}
| {{yes}}<ref>{{cite web |url=https://software.opensuse.org/package/samhain?search_term=Samhain |title=Samhain |publisher openSUSE OBS|accessdate=2024-08-11 }} File integrity and host-based IDS</ref>
| {{yes}}<ref>{{cite web |url=https://software.opensuse.org/package/samhain?search_term=Samhain |title=Samhain |publisher= openSUSE OBS|accessdate=2024-08-11 }} File integrity and host-based IDS</ref>
| {{yes}}
| {{yes}}
| {{no}}
| {{no}}
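Review bot: the openSUSE reference URL on the changed line still carries the search state `?search_term=Samhain`; link the package page itself (`https://software.opensuse.org/package/samhain`) so the citation does not depend on a query string. The corrected parameter also reads `|publisher= openSUSE OBS|accessdate=2024-08-11`, with a space after `=` and none before the next pipe, while the Ubuntu reference two rows up uses `|publisher=Ubuntu |accessdate=2017-04-19`; normalise it to `|publisher=openSUSE OBS |accessdate=2024-08-11` to match.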
Comparison of host-based intrusion detection system components and systems.
As per the Unix philosophy, a good HIDS is composed of multiple packages, each focusing on a specific aspect.
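| Package | Updated | Ubuntu Official Repositories | CentOS Official Repositories | openSUSE Official Repositories | File | Network | Logs | Config | Notes |
|---|---|---|---|---|---|---|---|---|---|
| OSSEC | 2022 | No | No | Yes | Yes | Yes | Yes | Yes | |
| Wazuh | 2022 | No | No | ? | Yes | Yes | Yes | Yes | |
| Samhain | 2021 | Yes | No | Yes | Yes | No | Partial | | |
| Snort | 2018 | Yes | No | No | No | Yes | No | | |
| chkrootkit | 2023 | Yes | No | Yes | Yes | No | Partial | | |
| rkhunter | 2018 | Yes | Yes | Yes | Yes | No | No | Yes | |
| unhide | 2012 | Yes | Yes | Yes | No | No | No | | proc ps compare |
| Sguil | 2017 | No | No | No | No | Yes | No | | |
| Logwatch | 2017 | Yes | Yes | Yes | No | No | Yes | | |
| Logcheck | 2017 | Yes | Yes | Yes | No | No | Yes | | |
| Epylog | 2014 | Yes | Yes | Yes | No | No | Yes | | |
| SWATCH | 2015 | Yes | Yes | Yes | No | No | Yes | | |
| sagan | 2021 | Yes | No | No | No | No | Yes | | |
| aide | 2023 | Yes | Yes | Yes | Yes | No | No | | |
| tripwire | 2018 | Yes | Yes | Yes | Yes | No | No | | |
| Tiger | 2018 | Yes | No | No | Yes | No | No | Yes | 3/42 modules are Debian specific. |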
Package
Year
Linux
Windows
File
Network
Logs
Config
Notes
Lacework
2018
Yes
No
Yes
Yes
Yes
Yes
Verisys
2018
Yes
Yes
Yes
Yes
Yes
Nessus
2017
Yes
Yes
Yes
Atomicorp
2019
Yes
Yes
Yes
Yes
Yes
Yes
Commercially enhanced version of OSSEC
Spartan
2021
No
Yes
Yes
Yes
Yes
Yes
Websocket API, IP to Country mapping, DynDNS Integration
References
"Downloads OSSEC". OSSEC. Retrieved 2017-10-19. OSSEC for Debian Based systems
"Downloads OSSEC". OSSEC. Retrieved 2017-10-29. OSSEC for RHEL/Fedora Based systems
"ossec-hids". openSUSE OBS. Retrieved 2024-08-11. An Open Source Host-based Intrusion Detection System
"Samhain". Ubuntu. Retrieved 2017-04-19. Samhain in the Ubuntu Repositories
"Samhain". openSUSE OBS. Retrieved 2024-08-11. File integrity and host-based IDS
Last
"Snort". Ubuntu. Retrieved 2017-04-19. Snort in the Ubuntu Repositories
"Snort". Cisco Systems. Retrieved 2017-05-31. Snort in the CentOS Repositories
"ChkRootkit". Ubuntu. Retrieved 2017-04-19. ChkRootkit in the Ubuntu Repositories
lastlog, wtmp, utmp, wtmpx
"RKHunter". Ubuntu. Retrieved 2017-04-19. RKHunter in the Ubuntu Repositories
"RKHunter". Ubuntu. Retrieved 2017-04-19. RKHunter in the CentOS Repositories
"unhide". debian. Retrieved 2017-04-17. unhide is notable because it's part of Debian and Fedora
"UnHide". Ubuntu. Retrieved 2017-04-19. UnHide in the Ubuntu Repositories
"UnHide". Ubuntu. Retrieved 2017-04-19. UnHide in the CentOS Repositories
"Logwatch". debian. Retrieved 2017-04-17. Logwatch is notable because it's part of Debian and Fedora
"LogWatch". Ubuntu. Retrieved 2017-04-19. LogWatch in the Ubuntu Repositories
"LogWatch". Ubuntu. Retrieved 2017-04-19. LogWatch in the CentOS Repositories
"Logcheck". debian. Retrieved 2017-04-17. Logcheck is notable because it's part of Debian and Fedora
"Logcheck". Ubuntu. Retrieved 2017-04-19. Logcheck in the Ubuntu Repositories
"Logcheck". Ubuntu. Retrieved 2017-04-19. Logcheck in the CentOS Repositories
"Epylog". debian. Retrieved 2017-04-17. Epylog is notable because it's part of Debian and Fedora
"Epylog". Ubuntu. Retrieved 2017-04-19. Epylog in the Ubuntu Repositories
"Epylog". Ubuntu. Retrieved 2017-04-19. Epylog in the CentOS Repositories
"SWATCH". debian. Retrieved 2017-04-17. SWATCH is notable because it's part of Debian and Fedora
"SWATCH". Ubuntu. Retrieved 2017-04-19. SWATCH in the Ubuntu Repositories
"SWATCH". Ubuntu. Retrieved 2017-04-19. SWATCH in the CentOS Repositories
"Sagan". Ubuntu. Retrieved 2017-04-19. Sagan in the Ubuntu Repositories
"AIDE". Ubuntu. Retrieved 2017-04-19. AIDE in the Ubuntu Repositories
"AIDE". Ubuntu. Retrieved 2017-04-19. AIDE in the CentOS Repositories
"Tripwire". Ubuntu. Retrieved 2017-04-19. Tripwire in the Ubuntu Repositories
"Tripwire". Ubuntu. Retrieved 2017-04-19. Tripwire in the CentOS Repositories
"Tripwire". Ubuntu. Retrieved 2017-04-19. Tripwire in the Ubuntu Repositories
Last updated
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.