IDS mailing list archives

Previous By Date Next
Previous By Thread Next

Re: McAfee Intercept

From: David Maynor <dmaynor () gmail com>
Date: Fri, 27 Aug 2004 21:11:41 -0400
http://www.phrack.org/show.php?p=62&a=5

On Thu, 26 Aug 2004 09:13:20 +0200, Tr8shCan <tr8shcan () linux be> wrote:

All,

Who can give me some insight in the HIDS capabilities of McAfee's
Entercept productline ?

Has this product functionality to:
* monitor system logfiles
(syslog -- windows event log -- IIS logs --Apache logs -- ...)
* detect filechanges (a la Tripwire),
* IPS: Buffer Overflow detection -- 'strange' syscalls -- API call
surveillance
* monitor all data packets sent/received by the stack on the host
(Network Node IDS)

Are there any HIDS products on the market yet that provide all of this
functionality?

Thx,
Michael.

--------------------------------------------------------------------------
FREE Network Security Webinar - How to implement IPSec security into VPN appliances

New threats and vulnerabilities require new high-performance IPSec VPN solutions for network protection.
Join the security experts from SafeNet on August 26 at 1:00 PM (Eastern), and learn how to successfully integrate 
IPSec security into VPN processors and appliances to provide powerful yet cost-effective VPN solutions for your 
customers.
Register now:

http://www.securityfocus.com/sponsor/SafeNet_focus-ids_040817
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: