Security Basics mailing list archives

Re: Info HIDS

From: Daniel Cid <danielcid () yahoo com br>
Date: Fri, 9 Jul 2004 10:06:28 -0300 (ART)

Yes, you need to install tripwire on that specific
host. You can also use the syscheck
(http://www.ossec.net/syscheck/) that can read the
informations from a remote machine (but you will also
need to install it on the webserver1).
Don't forget that we are talking about Host-based IDS.
If you want a NIDS (network-based IDS), you can use
Snort (http://www.snort.org)

-
Daniel B. Cid

--- Carlos H <carloshp () cantv net> escreveu: > Hello
list,

recently I have been deployment a DMZ.  I'm trying
to install and 
configure an HIDS (tripwire) to get intrusion's
information about a Web 
Server (WebServer1).

Looking on Tripwire's manual i found that is
necesary (i`m not really 
sure!!!) that Tripwire run on the same machime to be
monitored.  I mind, 
Tripwire must be installed on WebServer1.  That is
not good for me!  The 
question is: Exist another way to configure Tripwire
(or other HIDS) 
looking for detecting a remote host? Is possible to
install Tripwire in 
a diferent host to WebServer1?

Carlos H.

---------------------------------------------------------------------------

Ethical Hacking at the InfoSec Institute. Mention
this ad and get $545 off 
any course! All of our class sizes are guaranteed to
be 10 students or less 
to facilitate one-on-one interaction with one of our
expert instructors. 
Attend a course taught by an expert instructor with
years of in-the-field 
pen testing experience in our state of the art
hacking lab. Master the skills 
of an Ethical Hacker to better assess the security
of your organization. 
Visit us at:

http://www.infosecinstitute.com/courses/ethical_hacking_training.html

----------------------------------------------------------------------------

 



        
        
                
_______________________________________________________
Yahoo! Mail agora com 100MB, anti-spam e antivírus grátis!
http://br.info.mail.yahoo.com/

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

Security Organization in Banks Alessandro Bottonelli (Jul 06)
- RE: Security Organization in Banks Dave Dyer (Jul 07)
  - Re: Security Organization in Banks Steve (Jul 08)
- Info HIDS Carlos H (Jul 08)
  - Re: Info HIDS Don Voss (Jul 09)
  - Re: Info HIDS captgoodnight (Jul 09)
  - Re: Info HIDS Daniel Cid (Jul 09)
  - Re: Info HIDS Dave Dearinger (Jul 12)