Full Disclosure mailing list archives
Re: IDS for Windows
From: Ron DuFresne <dufresne () winternet com>
Date: Tue, 10 Aug 2004 00:12:49 -0500 (CDT)
I think one can still find portmon, and perhaps a few others, did you try a google search prior to asking here?? That's a prime place to start, then perhaps rephrase here asking for experiences others have had with a few products you find and are interested in/fits your needs/abilities? One thing about a number <most?> IDS ir portmonitoring software, they tend to show the ports they monitor for activity/action as being "open", this will attract a tad more attention to the systems they are placed upon, much as a honeypot will. Better to lock down exposed systems in most cases with a firewall that actually drops or denies all connetion/probe attempts to unwanted exposures. Firewalling remains the most effective primary besides just uninstalling or not installing in the first place, services un-needed and/or not-understood. IDS systems tend to take alot of care and feeding to make real use of them in an unwastfule manner, and they are best placed behind a firewall as one more additional warning layer should the firewall incorrectly fail-open, or die, or not start, or somehow miss something your security policy dictates. Palcing a IDS at the frontgate tends to make them so noisy that they are soon ignored anyways... Thanks, Ron DuFresne On Tue, 10 Aug 2004, Carsten Ruckelshausen wrote:
Hi, i'm looking for a Intrusion Detection System (host and/or net) for Windows. It should be Free or Shareware and perhaps it could work in a Windows/Linux network. Any idea ? Bis denn dann, Carsten ------------------------------------------------ e-mail: carsten () sgcr net www: www.sgcr.net mobil: +49-173-2137083 fax: +49-6403-96187 ------------------------------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- IDS for Windows Carsten Ruckelshausen (Aug 09)
- Re: IDS for Windows Kyle Maxwell (Aug 09)
- Re: IDS for Windows Ron DuFresne (Aug 09)
- Re: IDS for Windows Harlan Carvey (Aug 10)
- <Possible follow-ups>
- Re: IDS for Windows Carsten Ruckelshausen (Aug 10)