Are there any good Intrusion Detection Systems out there for Linux?
Novell Cool Solutions: Question & Answer
Q:
Are there any good Intrusion Detection Systems out there for Linux?
A:
Yes. There is "snort" as network-IDS, which I used successfully in some projects. It should/might be accompanied by some analyzing-tools, like "snortalog".
Not only Network-IDS comes to mind, but also, and just as important, system-/filesystem-IDS, like "aide" or "tripwire".
Also, don't forget to make the HUGE amount of Firewall-data understandable to people by using some sort of a log-analyzer like "fwlogwatch" or "logsurfer".
fwlogwatch and snortalog are not included in SLES 9 (but RPMs are available on request), but everything else (snort, aide, tripwire) should be there.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com