IDS: Prelude/OSSIM/OpenSIMS/OSSEC

From: Pat <securityfocus.20.patgourmet_at_spamgourmet.com>
Date: Tue, 29 Aug 2006 12:36:32 -0400

Hi,

Briefly, my question: does anyone here know the best way to implement
all of these (Integrity Checks, Servers Monitoring and Remote
Logging) in a mixed environment (UNIX/Windows), everything being open-source?

Details of the question:

I am looking for open-source products to secure our network and
servers, which are a mix of Windows/Linux/AIX. I am looking for some
help in deciding what products to implement.

1- I want to begin by implementing an integrity checker. I am looking
at Samhain and Osiris. Samhain seems better, but since it does not
support Windows, I will probably use Osiris. Maybe OSSEC also would
do the job?

2- I want to run Nagios on my servers for monitoring.

3- I want to set up my UNIX and Windows servers with remote logging.
For the UNIX/Linux servers, I would do remote syslogging to a syslog
server such as Syslog-ng or Rsyslog. For the Windows servers, I would
also set up remote logging to that same syslog server, with a client
tool such as Winsyslog.

4- On top of that, I would like to implement a SIMS. I know of 3
open-source SIMS: Prelude, OSSIM and OpenSIMS. Is one better than the
other with my mixed environment?

5- Would a Change Management Solution like Radmind on top of all that
be compatible worthwhile, or it would mainly be redundant?

So my question again: does anyone here know the best way to implement
all of these (Integrity Checks, Servers Monitoring and remote
Logging) in a mixed environment (UNIX/Windows), everything being open-source?

Thank you.

Pat

Received on Aug 30 2006