Host-based Intrusion Detection Software (HIDS)

Last Updated: 07/17/2013

Overview

CU-Boulder now requires that all private data servers have host-based intrusion detection software installed and used by the server administrator. To help facilitate this requirement, OIT and IT Security have developed helpful support resources for server administrators, as well as two recommended no-cost solutions called Tripwire Enterprise and OSSEC.

  • Host-based intrusion detection software is required on all private data servers and recommended for all Internet facing servers.
  • OIT provides two no-cost solutions:
    • Tripwire Enterprise software, license, and training:
      • Windows, Linux, and Unix servers
    • OSSEC resources and training:
      • Macintosh OS X server
    • OIT recommends these solutions and will provide the best level of support for customers who use Tripwire Enterprise or OSSEC.
    • OIT will provide server administrators with a Tripwire Enterprise license after the server administrator attends a training session, conducted on-campus by IT Security.
  • Server administrators can use an alternative solution.

Cost

OIT provides two no-cost solutions (Tripwire and OSSEC).

Who can get it

Host-based intrusion detection software (HIDS) is to be installed and used by the server administrator

How to get it

Attending a no-cost training session facilitated by IT Security is required to acquire the software and support for both Tripwire Enterprise and OSSEC.

Consulting is provided by the IT Security Office. Contact security@colorado.edu.