At the risk of starting a flamefest, what is a good IDS? I ask because the recent compromises have got me thinking. I have a couple of web/mail servers I am adminning at school, and I really have no way of knowing if they have been 0wn3d. I (poorly) check the logs every 2 to 4 weeks, but that doesn't seem like enough.
What does everyone else use? (BTW, my servers run stable.)
-Roberto
pgp00000.pgp
Description: PGP signature
