"InterSect Alliance has developed the first integrated
security auditing and event logging subsystem for the open source
Linux operating system, beating much larger organisations to the
punch. Its new tool, SNARE (System iNtrusion Analysis and Reporting
Environment), has been developed with a goal of reducing the cost of
entry into system auditing and host-based intrusion detection for
system managers, simplifying the process of configuration, reducing
resource requirements and providing meaningful reporting to
end-users.

According to Leigh Purdie, director and principal security
consultant, this is the first release of code for a host-based
intrusion detection system, although there have been inroads made
into the development of source code to address network-based
intrusion detection.

The two systems differ in that while a network-based intrusion
detection tool enables the user to determine when an intrusion is
being attempted, the host-based system allows the user to identify
when an intrusion has been successful."