IDS mailing list archives

Re: Tripwire competitors

From: "Johann van Duyn" <Johann_van_Duyn () bat com>
Date: Tue, 2 Dec 2003 14:00:15 +0200




Symantec's Host IDS can do that via the FileWatch capability in realtime,
although it's much more than an integrity verification system, of course.
The installation I have constantly bugs me about changed files every time
new Active Directory Policies are pushed out to machines on our network.

Symantec's Enterprise Security Manager can do it in non-realtime, and can
check files at every policy run (if the policy is configured to check up
on files) to see whether they have changed.

Lastly, GFI's LANGuard System Integrity Monitor pitches itself pretty much
head-on against Tripwire, and is, I believe, not too shabby at what it
sets out to do.

Hope this helps...

Cheers

--------------------------------------------------------
J o h a n n   v a n   D u y n, CISSP
IT Risk and Security Manager: British American Tobacco South Africa
Stellenbosch, South Africa
Tel.  +27 (21) 8883765
Cel.  +27 (82) 3248035
Fax.  +27 (21) 8883587
eFax. +1 (509) 2785044
E:mail: johann_van_duyn () bat com
--------------------------------------------------------
"...damage amounts in computer-related crime are
 often based on numbers plucked from thin air."

                                                     -- Bruce
Schneier






"Joubert Berger" <joubert () berger-family org>
01-12-2003 19:17


       To:     focus-ids () securityfocus com
       cc:     (bcc: Johann van Duyn/Stellenbosch/ZA/BATCo)
       Subject:        Tripwire competitors



Anyone know of any commercial competitors to Tripwire?  I know of a number
of open source projects but don't know of any other commercial integrity
management systems.

--joubert


---------------------------------------------------------------------------
---------------------------------------------------------------------------




Confidentiality Notice: The information in this document and
attachments is confidential and may also be legally privileged.
It is intended only for the use of the named recipient. Internet
communications are not   secure and therefore British American
Tobacco does not accept legal responsibility for the contents of
this message. If you are not the intended recipient,please notify us
immediately and then delete this document. Do not disclose the
contents of this document to any other person, nor take any copies.
Violation of this notice may be unlawful.



---------------------------------------------------------------------------
---------------------------------------------------------------------------

Current thread:

Tripwire competitors Joubert Berger (Dec 01)
- Re: Tripwire competitors Andy Cuff [Talisker] (Dec 01)
- <Possible follow-ups>
- RE: Tripwire competitors Carney, Mark (Dec 01)
  - RE: Tripwire competitors Manteuffel Tom (Dec 01)
- Re: Tripwire competitors Chris Kirschke (Dec 01)
- Re: Tripwire competitors Johann van Duyn (Dec 02)