Snort is the de facto standard for IDS/IPS. As any security professional will tell you, Snort is an excellent tool for real-time traffic analysis, packet logging, detection of attacks such as buffer overflows, and prevention of attacks.
Snort is a great solution for an open source software you can set up on any server, though there are excellent hardward IDS/IPS available in the market.
OSSEC is more of an HIDS and is a great tool as well, but is configured localy on the server/host.
Whereas OSSEC is HIDS, Snort is NIDS (Network IDS) and operates at the network level.
You try the Ax3soft Sax2, it is a professional network intrusion detection (IDS) and intrusion prevention system (IPS) to detect variety of attacks, including SQL inject attacks, worms, backdoor Trojans, ARP spoof, CGI/WWW attacks, DoS/DDoS, password guessing and so on.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum