Intrusion Detection Systems
Anyone here have a functioning IDS setup, or experience you'd be willing to share? I honestly haven't touched this stuff since college, but thought it worth looking into now that things are finally settling down. We really don't have any cash to plunk down on any additional equipment now so I was looking at Snort and OSSEC. Can't seem to decide between Windows or Linux either. I'm no stranger to a Linux CLI (I setup a couple Squid proxies internally here), but already have a few devices running Windows I wanted to utilize. Any thoughts? Thanks guys..