Projects / Poor Man's IDS

Poor Man's IDS

Poor Man's IDS is a couple of scripts which check certain files on your host (any you like) for changes in content, ownership, and mode. Instead of only mailing if something is wrong (like other IDSs), this lean IDS will send you a daily (or weekly or hourly, depending on how you set-up your cron job) security audit, containing details of what it found (if anything).

Operating Systems

Recent releases

  •  30 Sep 2002 01:10

    Release Notes: A GPG bug and grabbing of md5 sigs from the Web site have been fixed. The default email address for reports is now 'root'.

    •  06 Aug 2002 23:23

      Release Notes: This release adds kernel commandline checking, listing of remote logins, remote root login detection, listing of loaded modules, and cryptographic signatures of the file database.

      •  25 Jun 2002 22:47

        Release Notes: This release has remote login checking, crash detection, and a better list of files.

        •  10 Jun 2002 18:52

          Release Notes: A new self-check portion and a new ability to pull signatures from a remote location (default is the author's Web site, and you must have wget for this feature to work).

          •  16 May 2002 12:46

            Release Notes: Most configuration was moved into a central file. A problem with mode change checking was fixed.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.