Securing your system with Linux Intrusion Detection System

Finding Out More

As of this writing, the LIDS project is in a state of transition. Updates to the project website are fairly infrequent. However, the most recent file on the LIDS homepage [1] is relatively recent (January 2009). The latest LIDS version is 2.2.3rc7, which is for kernel 2.6.28.

LIDS documentation is relatively old. The FAQ is one of the more recent documents, and it is dated May 19th, 2003. I didn't encounter anything technical that appeared incorrect, with the exception that some documents indicate that lidsadm still performs the configuration, and a few links were dead. A few of the documents refer to a LIDS wiki, but as of this writing, the hostname is not resolved by DNS. The LIDS homepage includes links to several documents that are only in Japanese.

SourceForge lets you subscribe to a LIDS mailing list; however, since I started subscribing, I have gotten nothing but spam. A low-traffic forum is available from the LIDS homepage, but responses can take a week or longer.

The current state of the help sources means that, although the developers continue to update the LDS module, you are sometimes on your own if you run into trouble, which means you should make room for some trial and error. I suggest using one of the VMware images to become familiar with LIDS before you install it on a production machine.


  1. SELinux:
  2. AppArmor:
  3. LIDS homepage:
  4. Downloadable VMware images:

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • AppArmor

    When an attacker succeeds in infecting a victim’s system, the attacker inherits the victim’s privileges. App Armor beats the attack by reducing the potential victim’s privileges to a minimum.

  • Hotplugging

    Hardware which just works is what every user wants. Current Linux distributions go a long way to fulfilling that dream. In this article, we will be investigating how the hotplug system works.

  • Perl: Lyrical Logfiles

    Instead of just monitoring incoming requests in your web server's logfile, a sound server makes them audible and lets you listen to the tune of users surfing the site.

  • iWatch

    Why wait for cron? iWatch monitors critical files and directories in realtime. This handy Perl script then notifies the user or runs a configurable command when change occurs.

  • SE Linux

    SELinux provides a safer system through the powerful concept of mandatory access controls.

comments powered by Disqus

Direct Download

Read full article as PDF: