I tried but failed to install LIDS on Debian,so I have to find a replacement.


I'm not sure,but LIDS wont be the ONLY IDS system that works on Kernel level,so Any IDS tool similar to LIDS? even better ones?

BTW,LIDS sucks,bad documents,bad support...........absofuckinglutely a nigntmare

The common recommended ones are:

Tripwire (Payed) - http://www.tripwire.com/
AIDE (Free) - http://aide.sourceforge.net/

However, if you're running a web server, some say it is to resource intensive. It *might* be better to have a CRON job run rkhunter (http://www.rootkit.nl/) or chkroot (http://www.chkrootkit.org/) and have the original system hashes stored on a separate system.

I asked a similar question not so long ago on server fault. Hopefully some of the tips there can help you:
http://serverfault.com/questions/202112 ... y-overkill

I am a newbie in this area as well, so hopefully someone can be more informative!

Best of luck!

Thanks a lot+ a lot +a lot.
as far as I know, LIDS can protect the kernel but TripWire cannot.

I guess,if you use LIDS,it's impossible to install a rootkit into your system,it cannot be really hacked.
if you use TripWire instead,you can find the system has been hacked if it does,but then you also have to reinstall the OS.


am I right?


BTW,is it really necessary to disable the password authentication of SSH? the length of my root password is 40,Isn't that safe enough?

Once configured, key auth is much simpler to use. It's more portable, less dependent on your memory, and also many, many times more secure.

Let me know how I can log on from a random remote machine without carrying around a USB stick with my key on it and I'll agree that it's more portable. Until then, key-only auth is uselessly restrictive since it prevents me from logging in without carrying storage media around with me at all times.

And that's why I'm grateful for lish!

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue