LinuxQuestions.org
01-27-2018, 06:24 PM   #1
LQSlacker
Member
 
Registered: Jul 2016
Posts: 94

Rep: Reputation: Disabled
Recommendations On A Simple HIDS For A Desktop User?


Hello,

I'm just looking for something simple and good a desktop user can check their box with?

Anyone have any recommendations?

Some apps I've been looking at:

AFICK
AIDE - hmm maybe outdated?
OSSEC
Samhain
Tripwire OpenSource - seems overkill from what I remember, and complex...

THANKS
 
01-29-2018, 08:32 PM   #2
LQSlacker
Member
 
Registered: Jul 2016
Posts: 94

Original Poster
Rep: Reputation: Disabled
478 views and no thoughts from anyone... LOL

Well I'm tossing back and forth between samhain and ossec, might keep both, and run samhain on demand when needed and ossec in daemon mode...

Hmm
 
01-30-2018, 07:46 AM   #3
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
Unless the user has root access, those utilities may be overdoing it a bit.

clamav and some common sense (don't scan for PUA and only scan /home/<user>)
rkhunter with proper configuration.

Security isn't an "app", it is a process.
And IF the OS isn't something stable or maintained, why bother?
Each OS is slightly different, but nothing works if it is not regularly maintained.

Your "LOL" may be stemming from critical missing info from your post, like OS build channel (LTS vs non-LTS).
The more you offer, the more you are likely to get out of such requests. LOL.

Why would AIDE be "outdated"?

Last edited by Habitual; 01-30-2018 at 11:42 AM. Reason: punctuation, of course.
 
01-30-2018, 08:36 AM   #4
//////
Member
 
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Arch Linux && OpenBSD 7.4 && Pop!_OS && Kali && Qubes-Os
Posts: 824

Rep: Reputation: 350
I can offer a "vote" for ossec hids, used it a couple of years ago, though it's not a "fire and forget" tool.
 
03-01-2018, 11:24 PM   #5
LQSlacker
Member
 
Registered: Jul 2016
Posts: 94

Original Poster
Rep: Reputation: Disabled
No worries, best to just play with a few and see which one I like...

Thanks
 
03-03-2018, 04:05 PM   #6
Trihexagonal
Member
 
Registered: Jul 2017
Posts: 362
Blog Entries: 1

Rep: Reputation: 334
Quote:
Originally Posted by Habitual
Why would AIDE be "outdated"?
I use it. You just have to run it as soon as you have all your programs installed for a database, and copy the original output file to a Flash Drive for comparison. It puts out a lot of info and you need to know what to look for in abnormal changes when running it to compare databases, so it can be confusing.

I actually rely more on rkhunter for file changes on FreeBSD, but OpenBSD considers it a gimmick and it isn't even in their repository.
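
The baseline-then-compare workflow described in the post above, as an added Python sketch that is not part of the thread and is not AIDE's code: it records a hash, permission bits and size per file, keeps the database away from the monitored tree, and refuses a database that no longer matches its recorded digest. All function names, file names and the sample tree are constructed for illustration.

```python
import hashlib, json, stat, tempfile
from pathlib import Path

def snapshot(root):
    """Record sha256, permission bits and size for every regular file under root."""
    db = {}
    for path in Path(root).rglob("*"):
        st = path.lstat()
        if stat.S_ISREG(st.st_mode):  # symlinks and special files are skipped here
            digest = hashlib.sha256(path.read_bytes()).hexdigest()
            db[path.relative_to(root).as_posix()] = [digest, stat.S_IMODE(st.st_mode), st.st_size]
    return db

def save_baseline(db, path):
    """Write the baseline; return its digest, to be kept with the offline copy."""
    data = json.dumps(db, sort_keys=True).encode()
    Path(path).write_bytes(data)
    return hashlib.sha256(data).hexdigest()

def load_baseline(path, expected_digest):
    """Refuse a baseline whose bytes no longer match the recorded digest."""
    data = Path(path).read_bytes()
    if hashlib.sha256(data).hexdigest() != expected_digest:
        raise ValueError("baseline database does not match its recorded digest")
    return json.loads(data)

def compare(baseline, current):
    both = set(baseline) & set(current)
    return {"added": sorted(set(current) - set(baseline)),
            "removed": sorted(set(baseline) - set(current)),
            "changed": sorted(p for p in both if baseline[p] != current[p])}

def demo():
    """Constructed tree; `usb` stands in for the flash drive holding the baseline."""
    with tempfile.TemporaryDirectory() as root, tempfile.TemporaryDirectory() as usb:
        tool, conf = Path(root, "tool"), Path(root, "app.conf")
        tool.write_bytes(b"v1")
        conf.write_bytes(b"safe=1\n")
        db_path = Path(usb, "baseline.json")
        digest = save_baseline(snapshot(root), db_path)
        conf.write_bytes(b"safe=0\n")            # content change, same size
        tool.chmod(0o755)                        # permission-only change
        Path(root, "extra").write_bytes(b"new")  # file absent from the baseline
        return compare(load_baseline(db_path, digest), snapshot(root))

if __name__ == "__main__":
    print(demo())
```

The same-size edit to `app.conf` and the permission-only change to `tool` both show up under `changed`, which is why the database stores more than a size or timestamp.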
 
03-06-2018, 08:19 AM   #7
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,610
Blog Entries: 4

Rep: Reputation: 3905
You also used an acronym in your post title – HIDS – that might not be familiar to many people, and your OP doesn't offer any definition for that acronym. (It sounds like an unpleasant disease ...)

You forgot to say that it stands for Host-based Intrusion Detection System.

Last edited by sundialsvcs; 03-06-2018 at 08:20 AM.
 
  

