IDS mailing list archives
RE: using HIDS for change control
From: Ron Gula <rgula () tenablesecurity com>
Date: Thu, 25 Aug 2005 05:25:10 -0400
Yes. Tripwire does this. Their underlying technology detects change. Ron Gula, CTO Tenable Network Security On Thu, 25 Aug 2005 5:21am, Rivera,Angel L. wrote:
Does anyone on this list know of a sponsor that is using HIDS to monitorchanges to a system's (Unix & Windows) configuration? The goal is to build a server according to specs (this would includehardening of the OS + agency specific security settings) then use a HIDSto detect and alert on any changes. Theoretically speaking, I know this can be done, but is anyone doing this? ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT.Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708to learn more. ------------------------------------------------------------------------
--rgula ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly?Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more.
------------------------------------------------------------------------
Current thread:
- RE: using HIDS for change control Rivera,Angel L. (Aug 24)
- RE: using HIDS for change control Daniel Cid (Aug 25)
- RE: using HIDS for change control Ron Gula (Aug 25)
- <Possible follow-ups>
- RE: using HIDS for change control Evans, Arian (Aug 25)
- RE: using HIDS for change control Andrew Plato (Aug 27)
- RE: using HIDS for change control Rivera,Angel L. (Aug 27)