So, I was perusing some of the usual junk mail I receive and I came across a great article about the top 10 Open Source IDS tools (you can, and should, read it here) and it prompted this quick blog post.
IDS can be a fickle b&$%*. There are many great tools available: some free, some inexpensive, and some prohibitively expensive, particularly for small firms. Being at a small firm myself, I tend to look for the free or inexpensive tools. Unfortunately, some of these have a steep learning curve, but with a little reading you can make them work.
The article also discusses a pre-rolled Linux distribution that contains all of the tools described in the article. It's an Ubuntu distribution (far from my favorite distro, but a popular one at that). It's called Security Onion and also includes Snorby to help with IDS' equally fickle sister, log management.
The topic of log management was also the recent topic of the Tech Ops Open Mic call that occurred on April 21, 2015. You can find the recording of it here.
I encourage you to read the article and then take Security Onion for a test drive. Amongst all of the tools included, I'm sure you'll find at least something useful. I'm going to give it a whirl and will report back.
Dale