IDS mailing list archives
Re: host-based ips ?
From: Huagang Xie <xie () www lids org>
Date: Fri, 18 Apr 2003 00:45:30 -0700
Yes, Grseurity integrit PaX which can prevent buffer overflow attacks and some more useful features. In order to prevent attacks, a good host based IPS need a secureOS to support it. On linux, a frame work named LSM(lsm.immunix.org) is very useful to implement a secure Linux OS which already in kernel 2.5.x. Huagang On Fri, Apr 18, 2003 at 06:28:32AM +0000, SB CH wrote:
Good comment. and I think Grsecurity(http://www.grsecurity.net/) is good too, for linux. additionally, I have a question what's the difference between SeucreOS and Host based IPS and LIDS and Grsecurity? Thanks. From: Huagang Xie <xie () www lids org> To: focus-ids () securityfocus com Subject: Re: host-based ips ? Date: Thu, 17 Apr 2003 22:58:03 -0700 For linux, LIDS(Linux Intrusion Detection System, www.lids.org), an open source GPLed kernel enhancement software, can prevent file system from being modified, network setting from being changed, and even prevent worm spreading and more. In this case, LIDS could be treated as a Host base IPS..:-) Huagang On Thu, Apr 17, 2003 at 09:32:47PM +0900, Quynh Nguyen Anh wrote:hello, there are some nips (network based ips), but i never ever heard about host based ips. any body have known about this? thanh you a lot. -- Quynh------------------------------------------------------------------------------INTRUSION PREVENTION: READY FOR PRIME TIME? IntruShield now offers unprecedented Intrusion IntelligenceTMcapabilities- including intrusion identification, relevancy, direction, impact and analysis - enabling a path to prevention. Download the latest white paper "Intrusion Prevention: Myths,Challenges,and Requirements" at: http://www.securityfocus.com/IntruVert-focus-ids-- LIDS secure linux kernel http://www.lids.org/ 1024D/B6EFB028 4731 2BF7 7735 4DBD 3771 4E24 B53B B60A B6EF B028 << attach3 >> _________________________________________________________________ MSN Messenger?? ???? ?????????? ???? ?????? ?????? ????????. http://messenger.msn.co.kr
-- LIDS secure linux kernel http://www.lids.org/ 1024D/B6EFB028 4731 2BF7 7735 4DBD 3771 4E24 B53B B60A B6EF B028
Attachment:
_bin
Description:
Current thread:
- host-based ips ? Quynh Nguyen Anh (Apr 17)
- Re: host-based ips ? Huagang Xie (Apr 17)
- Re: host-based ips ? John Ruff (Apr 21)
- Re: host-based ips ? Mike Frantzen (Apr 21)
- <Possible follow-ups>
- RE: host-based ips ? Shimono, Toshio (ISS Tokyo) (Apr 17)
- RE: host-based ips ? Security News (Apr 21)
- RE: host-based ips ? Adam Powers (Apr 17)
- RE: host-based ips ? Chris Petersen (Apr 21)
- Re: host-based ips ? SB CH (Apr 21)
- Re: host-based ips ? Huagang Xie (Apr 21)
- Re: host-based ips ? Huagang Xie (Apr 17)